Threat Report 2019

2019 was a very active year for the threat actors worldwide. Here is a list
of only few major breaches in the past 12 months.
  • January 16th “Fortnite” got hacked. By keeping an old and unsecured web
    page “Fortnite” left its players exposed to the risk of having their
    accounts hacked
  • January 17th Oklahoma Department of Securities. The “UpGuard Data Breach
    Research team” revealed that decades’ worth of data in a storage server
    belonging to the Oklahoma Department of Securities had been exposed.
  • January 17th “Collection #1”: A massive data breach known as Collection #1
    was revealed by ethical hacker and researcher Troy Hunt.
  • January 21st “Elasticsearch cloud storage”: Over 108 million records of
    bets made at websites belonging to an online casino group were stored on an
    Elasticsearch server that hadn’t been secured with a password.
  • March 29th “” : A database containing over 982 million
    email addresses was leaked by a marketing company in one of the biggest
    email database breaches to have ever occurred.
  • April 2nd “Facebook” : According to the UpGuard Cyber Risk team, a digital
    media company called Cultura Colectiva based in Mexico left over 540 million
    records of user IDs, account names, likes, and comments exposed on a
    publicly accessible server.
  • May 24th “Canva” : In May, Canva revealed that a cyberattacker had managed
    to access over 139 million users’ information, including names, email
    addresses, countries of residence, and cryptographically protected
  • May 25th “First American Corp.”: First American Financial Corp., a Fortune
    500 financial services company, was revealed to have allowed over 885
    million records to be publicly accessed by anyone who had ever been emailed
    a link to a document by the company.
  • May 29th “Flipboard” : Flipboard experienced an attack similar to the one
    on Canva between June 2018, and March 2019, when its databases were accessed
    by an unauthorized party.
  • July 15th “Bulgarian NRA data breach” : The leaked data amounted to 57
    folders with .csv files detailing the names and national identification
    numbers of some 5 million Bulgarian citizens, as well as records on
    revenues, tax and social security payments, debts, online betting data and
    company activities dating back as early as 2007, and as recently as June
  • July 29th “Capital One” : According to The New York Times, the hacker
    managed to steal over 80,000 bank account numbers, more than 140,000 Social
    Security numbers, over 1 million Canadian social insurance numbers, and
    millions of credit card applications. The data stolen dated back to as far
    as 2005, and the bank reported that the breach could potentially cost it
    more than $300 million.
  • August: A suspected Indian cyber espionage group conducted a phishing
    campaign targeting Chinese government agencies and state-owned enterprises
    for information related to economic trade, defense issues, and foreign
  • September : North Korean hackers were revealed to have conducted a phishing
    campaign over the summer of 2019 targeted U.S. entities researching the
    North Korean nuclear program and economic sanctions against North Korea.
  • October: State-sponsored Chinese hackers were revealed to have conducted at
    least six espionage campaigns since 2013 against targets in Myanmar, Taiwan,
    Vietnam, Indonesia, Mongolia, Tibet, and Xinjiang.
  • October: Iranian hackers targeted more than 170 universities around the
    world between 2013 and 2017, stealing $3.4 billion worth of intellectual
    property and selling stolen data to Iranian customers.
  • November: Iranian hackers targeted the accounts of employees at major
    manufacturers and operators of industrial control systems.

Based on the static information it is evident that the number of security threats is growing in comparison with previous years.

However it seems that the Ransomware threats are less common.

Most security breaches are targeting major organizations with offices and
resources in multiple regions.



1. Update vulnerable services
2. Only allow traffic to necessary and well secured ports
3. Update AV solutions
4. Phishing training for the employees.
5. Regular pentests would identify possible weak points