Menu Icon
< back to main
 • 5 min read

Timeline of Recent Cyber Breaches

As we have seen over time, cyberattack events are on the rise, and postponing remediation can lead to destructive consequences.

Timeline of Recent Cyber Breaches
Mary Elliott
Mary Elliott

Passionate about marketing and communications within the cybersecurity industry, Mary Elliott is a published writer who enjoys all things content marketing, copywriting/editing, and digital communications.

Want to see the platform in action?
get a demoArrow Right
Want to see the platform in action?
get a demoArrow Right

“Until you have experienced something like this, you don’t realize just what can happen, just how serious it can be.” — Soren Skou, Maersk’s CEO

As we have seen over time, cyberattack events are on the rise, and postponing remediation can lead to destructive consequences. Major information compromised, often millions of dollars in payment, and the loss of sales and customers are just a few examples of the business impact of cyberattacks in the age we’re living in.

Between 2019 and 2020 alone, ransomware attacks increased by 62% according to SonicWall’s recent report. With one cyberattack every 1.12 seconds (according to The Internet Crime Complaint Center’s 2020 report), companies are raising questions about why cyberattacks are occurring more frequently and how to better guard against them.

Where vulnerabilities are left undiscovered and unremediated, the door is left open for cyberattackers to compromise sensitive information and exploit weaknesses. The March 2017 Equifax breach is just one example of a destructive security breach, which led to:

  • Personal information from 148 million people exposed
  • A record-shattering $700 million FTC settlement
  • $1.4 billion spent remediating the cybersecurity incident

The breach occurred because of a known Apache vulnerability that had a patch available but was not implemented, allowing attackers to infiltrate and cause damage when it was too late.

“This was not a crazy technical problem that lacked a solution. The technical solution was available; this was a lack of people and process innovation.” — Caroline Wong, Cobalt’s Chief Strategy Officer

Before looking ahead at how to fix and prevent the most common vulnerabilities, let’s take a look at a few high profile cyberattacks of 2020/2021:

Recent High Profile Cyberattacks

Oracle BlueKai - June 2020

Oracle’s BlueKai is a data management platform that tracks web activity and uses data to fuel a personalized marketing experience. Due to a server that was left unsecured, billions of records were exposed last June, resulting in an outpour of easily accessible customer data.

Twitter - July 2020

Hackers compromised over $118,000 worth of bitcoin in the infamous social engineering attack on Twitter. The cybersecurity incident exposed the vulnerability of the major global social media platform, and according to the Twitter Investigation Report, “it was surprising how easily the Hackers were able to penetrate Twitter’s network and gain access to internal tools allowing them to take over any Twitter user’s account.”

Düsseldorf University Hospital - September 2020

A ransomware attack jeopardizing patient healthcare information at Düsseldorf University Hospital last September turned into a life-threatening situation. A woman in need of emergency treatment was rerouted due to a cyberattack, causing the first known death at a hospital directly tied to a cyber attack. “The incident is clearly an important reminder, though, of the real-world impacts of ransomware attacks on health care facilities and any critical infrastructure,” according to The Worst Hacks of 2020, a Surreal Pandemic Year.

SolarWinds - December 2020

When hackers broke in and added malicious code to the company’s software system called Orion, this created an in to discover detailed sensitive information and left clients vulnerable for months. The major IT firm SolarWinds fell victim to this cyberattack that spread from the company to its client base of over 33,000 who were using Orion at the time.

Facebook - April 2021

Over 533 million Facebook users were subject to exposed personal information, including birthdates, full names, email addresses, phone numbers, and more after a vulnerability from the year prior. “The vulnerability uncovered in 2019 allowed millions of phone numbers to be scraped from Facebook's servers in violation of its terms of service,” according to this Insider article.

Colonial Pipeline - May 2021

The Colonial Pipeline is the largest pipeline system for refined oil products in the U.S., controlling copious amounts of gasoline, jet fuel, and diesel along the East Coast. In more recent news, the pipeline went down due to a cyberattack that caused major shortages and price spikes across the United States, along with a ransom demand.

A commonality of the major cyberattack events over time is the fact that companies were unaware of their vulnerabilities that attackers were then able to exploit. With that in mind, findings from The 2021 State of Pentesting report concluded that the top 5 most common vulnerability categories have remained the same every year since 2018. The State of Pentesting report analyzes data from Cobalt’s Pentest as a Service (PtaaS) platform, and the report looks closer at the types of tests performed and the types of security issues Cobalt Core pentesters found in 2020.

Top 5 Findings

The State of Pentesting not only highlights the top vulnerabilities, but the report also shares insights into how prevention and remediation workflows can improve to strengthen security. See how pentesting can evolve as a layer of defense to better guard against cyberattacks. Download the full The State of Pentesting 2021 report for a deeper look into the most common types of vulnerabilities based on 1,600+ pentests conducted through Cobalt’s Pentest as a Service (PtaaS) platform.

Cybersecurity Insights

Related Stories

How to Build Resilience in Cybersecurity: 4 Lessons Learned From Military Experience
How to Build Resilience in Cybersecurity: 4 Lessons Learned From Military Experience
What better group to turn to for advice than security leaders who have worked on the front lines of risk and uncertainty?
Read moreArrow Right
Cybersecurity Statistics for 2021
Cybersecurity Statistics for 2021
What's new in ransomware, social engineering, and many other security threats
Read moreArrow Right
New Ebook: Beginner’s Guide to Compliance-Driven Pentesting
New Ebook: Beginner’s Guide to Compliance-Driven Pentesting
Find out more about the role of pentesting in your company’s compliance effort.
Read moreArrow Right
The State of Pentesting 2021: Common Vulnerabilities, Findings, and Why Teams Struggle With Remediation
The State of Pentesting 2021: Common Vulnerabilities, Findings, and Why Teams Struggle With Remediation
Each year, we publish The State of Pentesting report to provide a detailed overview of vulnerabilities and identify the trends and hazards that impact the cybersecurity community.
Read moreArrow Right

Never miss a story

Stay updated about Cobalt news as it happens