Cybersecurity experts have been busy since the beginning of the 21st century (even before that).
While data breaches were already on the rise, we witnessed a particular increase in ransomware attacks this year.
This is all in addition to businesses’ and consumers’ ignorant behavior toward securing their systems, fixing bugs, and paying attention to their online privacy.
Perhaps, this is why, despite repeated alerts and recommendations, the cybercriminals succeeded in their malicious activities. Today, seeing businesses shutting down due to hackers is not shocking.
So, with this article, we list the top privacy and security stories of the 21st century (2000 till now).
Top 30 privacy and security stories of the 21st century — Quick list
- Travelex paid for recovery after a ransomware attack: On December 31, 2019, Travelex services suffered a ransomware attack from the Sodinokibi gang which took down their websites and mobile apps.
- CoronaVirus ransomware rose amidst phishing attacks: Emails attachments disguised as medical alerts containing malware that stole user data.
- Zoombombing threatened the privacy of web conferences: Attackers exploited different Zoom glitches and vulnerabilities to break into strangers’ video meetings.
- Israel’s water systems got hacked: Cybercriminals attempted to take over the Israeli water treatment plant’s digital system and alter the chlorine quantity added to the water.
- BlueLeaks exposed secrets from hundreds of US police departments: DDoSecrets dumped 270GB of data online, including critical information from over 200 police departments spanning over 10 years.
- Apps used to store users’ clipboard data: Two researchers discovered many popular apps from different niches used to access the device clipboard without users’ consent explicitly.
- Blackbaud security breach triggered a domino effect on universities: Blackbaud was hit by Ransomware which later impacted tens of universities and other organizations.
- Vulnerabilities in critical US infrastructure uncovered: Researchers shared horrifying details about the security status of critical infrastructure in the United States.
- A huge hacking attack took over verified Twitter accounts: Accounts of key Twitter users including world leaders and influencers were hacked and used to promote crypto scams.
- Android banking trojans kept everyone busy: The 2019’s prominent Android banking trojan Cerberus was found to even steal 2FA codes from the Google Authenticator app.
- Cyberattack at UHS hospitals network and others amidst COVID-19 peak: A ransomware attack targeted Universal Health Services in September 2020, causing service disruptions.
- Malicious apps running adware campaigns targeted Android/iOS users: A teenage TikTok user found aggressive promotion of an app via TikTok. It was later discovered to be an adware campaign running via seven apps with over 2.4 million downloads
- Microsoft’s Zerologon vulnerability went under exploit: Attackers exploited a bug on the Netlogon Remote Protocol to gain elevated privileges after connecting to a domain controller.
- Multiple attacks on COVID-19 vaccine firms: North Korean hackers targeted COVID-19 vaccine front-runners, including AstraZeneca, Johnson & Johnson, Novavax, and the South Korean firms, Celltrion, Genexine, and Shin Poong Pharmaceutical.
- SolarWinds cyber attack: The attackers injected malicious codes and backdoors to an Orion Platform product from SolarWinds which allowed them to spy on and steal data from the product’s users.
- DoD & NASA Hacks: The hacker created a backdoor on the servers and downloaded high-level software worth over $1.7 million.
- CardersMarket Hacks: This cyberattack compromised 2 million credit cards and resulted in fraudulent purchases worth $87 million.
- Heartland Payment Systems: The company suffered a data breach that affected up to 100 million cards and over 650 financial service companies.
- Stuxnet: Israeli secret agencies and the US joined hands to develop a worm Stuxnet meant to jeopardize Iran’s nuclear weapons program.
- Operation Aurora – the Google Hack: The company faced a series of attacks dubbed ‘Operation Aurora’ instigated by the Chinese government’s military. Despite taking place in the 2000s, the attacks surfaced in 2010.
- The Press Release hackers: Cybercriminals from Eastern Europe utilized breached newswire systems and used confidential data to anticipate stock market changes and make trades that generated over $100 million in profits.
- LulzSec and the “50 days of luls”: The attack consisted of a group of cybercriminals that targeted video game companies, multinationals, and government agencies.
- Diginotar hack changes the browser landscape: The incident involved Iranian government hackers breaching DigiNotar and using it to create SSL certificates for mainstream websites such as Gmail and Google.
- Sony PlayStation hack and massive outage: In 2011, Sony reported a security breach that infringed on the private information and financial data of 77 million PlayStation Network users.
- Shamoon and its destruction: Shamoon’s main function is to wipe data, and it was used to destroy over 35,000 workstations on Saudi Aramco’s network, which caused the national oil company to suffer for weeks.
- Flame malware: It was considered the most advanced and sophisticated malware ever created until it was surpassed by Regin in 2014.
- Snowden revelations: Snowden revealed a spying network established by the US and its Five Eyes allies post 9/11, prompting nations such as China, Russia, and Iran to develop their own surveillance systems
- The Target Hack: Target acknowledged that malware installed on its in-store systems enabled cybercriminals to gather payment card information for approximately 40 million customers.
- The Adobe Hack: Adobe faced a cyber security incident in 2013 after criminals stole over 153 million user data.
- Silk Road takedown: The prominent dark web marketplace operating on the Tor network, was shut down in 2013, marking the first significant closure of its kind.
These are not just stories. Nor are we discussing these incidents as a mere roundup.
We want to emphasize the importance of cybersecurity and privacy for everyone, whether a business or an individual.
And we hope and wish these issues not to witness again in 2023.
Some fascinating cyber attack statistics of the 21st century
- A 2013 security breach at Yahoo led to the unauthorized access of 3 billion user accounts.
- In 2014, another notable breach compromised 145 million eBay users.
- On average, every 39 seconds, a computer connected to the internet faces a hacking attack.
- Every year, 33% of Americans experience a significant cyber attack on their computer.
- As a result of hackers gaining access to credit and debit cards, Target extended a storewide discount of 10% and free credit monitoring services to affected customers.
- LinkedIn had over 117 million account credentials, including emails and passwords, stolen in 2012.
- Also, in 2013, MySpace’s security breach exposed a database with over 427 million passwords and 360 million emails.
- Since 2020, cybercrime has risen by over 600%.
- The world loses over $6 trillion yearly to cybercrime.
- By 2025, the cost of cybercrime per year will rise to over $10.5 trillion.
- Over 71.7 million fall prey to cybercrimes annually.
- On average, ransomware attacks are 57 times more destructive in 2023 than they were 10 years ago.
- It takes an average of 277 days to identify and resolve a data breach
- Cryptojackers earn an average of $1,600 per month from the crime.
100+ interesting privacy and security stories from 2000 till now

1. Travelex paid for recovery after a ransomware attack
The year began with the news of a devastating attack on the British currency exchange Travelex. The incident was just towards the end of 2019, and its effects lasted for months in 2020.
Precisely, on December 31, 2019, Travelex services, including their websites and mobile apps, suddenly went offline. The firm disclosed the incident as a cyber attack. However, some users and other observers could judge the involvement of malware in it.
Eventually, on January 7, 2020, it surfaced online that the firm had suffered a ransomware attack from the Sodinokibi gang.
Investigations revealed that Travelex was running vulnerable Pulse Secure VPN servers that facilitated the attack despite the patches’ availability.
The attackers encrypted the Travelex network and stole data before that.