Cybersecurity experts have been busy since the beginning of 2020 (even before that).
While data breaches were already on the rise, we witnessed a particular increase in ransomware attacks this year.
This is all in addition to businesses’ and consumers’ ignorant behavior toward securing their systems, fixing bugs, and paying attention to their online privacy.
Perhaps, this is why, despite repeated alerts and recommendations, the cybercriminals succeeded in their malicious activities. Today, seeing even businesses getting shut down due to hackers is not shocking.
So, with this article, we list the top 15 privacy and security stories of 2020 till now.
These are not just stories. Nor are we discussing these incidents as a mere roundup.
We want to emphasize the importance of cybersecurity and privacy for everyone, whether a business or an individual.
And we hope and wish these issues not to witness again in 2023.
Top 15 privacy and security stories from 2020 till now
1. Travelex paid for recovery after a ransomware attack
The year began with the news of a devastating attack on the British currency exchange Travelex. The incident was just towards the end of 2019, and its effects lasted for months in 2020.
Precisely, on December 31, 2019, Travelex services, including their websites and mobile apps, suddenly went offline. The firm disclosed the incident as a cyber attack. However, some users and other observers could judge the involvement of malware in it.
Eventually, on January 7, 2020, it surfaced online that the firm had suffered a ransomware attack from the Sodinokibi gang.
Investigations revealed that Travelex was running vulnerable Pulse Secure VPN servers that facilitated the attack despite the patches’ availability.
The attackers encrypted the Travelex network and stole data before that.
In the following weeks, Travelex gradually restored its services (seemingly) while claiming that they found no evidence of data loss. Although the attackers claimed to have stolen 5 GB of personal data, they threatened to leak upon the ransom’s non-payment.
In April 2020, it turned out that Travelex paid $2.3 million as a ransom to the attackers (they had demanded $3 million). Besides this fact, no further details about handling compromised data surfaced online.