Top 15 privacy and security stories of 2020 (and what can we learn from these)

Abeerah Hashim Last updated: September 14, 2022 Read time: 13 minutes Disclosure

These privacy and security stories highlight various underlying causes. They have taught us many critical lessons.

Sneak peek at privacy and security stories

The year 2020 has been a roller coaster ride for the cybersecurity community. From the ever-evolving cybersecurity threats to the changing IT requirements of the remote-working model, the security officials have had to deal with a lot of technical stuff. Consequently, 2020 provided us with many privacy and security stories that can serve as a lesson for the IT personnel to devise their security plans in the coming years. This article quickly reviews a few memorable stories with a lesson for everyone.

The cybersecurity experts had a pretty busy time since the beginning of the year 2020.

While data breaches were already on the rise, we witnessed a particular increase in ransomware attacks this year.

This is all in addition to businesses and consumers’ ignorant behavior towards securing their systems, fixing bugs, and paying attention to their online privacy.

Perhaps, this is why, despite repeated alerts and recommendations, the cybercriminals succeeded in their malicious activities. Today, seeing even the businesses getting shut down due to hackers is not shocking.

So, with this article, we list the top 15 privacy and security stories of 2020.

These are not just stories. Nor we are discussing these incidents as a mere roundup.

We want to emphasize the importance of cybersecurity and privacy for everyone, be it a business or an individual.

And we really hope and wish these issues to not witness again in 2021.

Top 15 privacy and security stories of 2020

top privacy security stories 2020
(123RF)

1. Travelex paid for recovery after a ransomware attack

The year began with the news of a devastating attack on the British currency exchange Travelex. The incident just towards the end of 2019, and its effects lasted for months in 2020.

Precisely, on December 31, 2019, Travelex services, including their websites and mobile apps, suddenly went offline. The firm disclosed the incident as a cyber attack. However, some users and other observers could judge the involvement of malware in it.

Eventually, on January 7, 2020, it surfaced online that the firm had suffered a ransomware attack from the Sodinokibi gang.

Investigations revealed that Travelex was running vulnerable Pulse Secure VPN servers that facilitated the attack despite patches’ availability.

The attackers not only encrypted the Travelex network but also stole data before that.

In the following weeks, Travelex gradually restored its services (seemingly) while claiming that they found no evidence of data loss. Although the attackers claimed to have stolen 5 GB of personal data, they threatened to leak upon the ransom’s non-payment.

In April 2020, it turned out that Travelex paid $2.3 million as a ransom to the attackers (they had demanded $3 million). Besides this fact, no further details about the handling of compromised data surfaced online.


2. CoronaVirus ransomware emerged amidst phishing attacks