MediaMarkt
MediaMarkt has suffered a cyberattack using the form of ransomware that has affected servers of its stores preventing it from operating normally. Although the company could continue to sell through its online store and sales in its face-to-face establishments, not all of them could request collections, returns or online transactions. This has happened a few weeks before the long-awaited Black Friday 2021 in which the establishments offer very succulent discounts and increase their sales, something that happens in MediaMarkt not without certain controversies.
They have assured that this only affected them internally and that they were working with experts to analyze and identify the damage, although the problem would last for a few days. It has not only affected stores in Spain, but also in other countries such as Germany, Belgium and the Netherlands. They finally announced that all the stores had been attacked. They were 3100 the servers that were inoperative after the attack that has encrypted the computers preventing its use. Despite that, they encouraged customers to buy, since in Spain they were working normally and there were only specific problems.
SEPE
The Public Employment Service (SEPE) was attacked in March 2021 through the ryuk ransomware, which has paralyzed employment services through its website and offices, preventing it from offering many services to users, such as signing up for unemployment, renewing it or requesting an ERTE. Activity has been on hold for two weeks, although it was difficult to regain the rhythm lost during that time. They had to fill out requests manually.
After two weeks, the service was already fully operational, as claimed, and they could provide these services to citizens. Although not all of them, they were gradually reestablished over time. This attack has not only affected the SEPE, but also citizens who could not carry out their procedures normally and could see a delay in accessing benefits. However, it is noteworthy that, in this attack, at least officially, no ransom was requested nor was data compromised, which remained fully insured.
Ministry of Labor
It is curious to know that the Ministry of Labor again had a cyberattack with ransomware that affected SEPE for several weeks. Its scope was considered important and only 3 months later of what happened with the SEPE in the same way. Ryuk ransomware hijacks systems and asks for a ransom in order to free them. Technical officials from the ministry and the National Cryptological Center have been working together to determine the origin of the attack and restore normalcy from service.
This has affected internal systems of the organism with a great scope in what refers to systems and equipment affected. Employees and officials had to disconnect from the network and many of them work in other enabled networks.
Mondelez
In Spain, the Mondelez biscuit and snack company suffered an attack that affected it considerably. It was not the only one affected, so did DLAPiper, BNP Paribas, Saint-Gobain, Maersk and Hill + Knowlton Strategies. In their computers they warned that the files were not available since they had been encrypted. The only way to retrieve them based on the message was to access their decryption service.
There are many companies that in the face of this type of attack pay to recover the information, but the payment does not guarantee it. This attack produced in 2017 could affect its international business for a total of 100 million dollars at that time, since they had to paralyze their activity and business units abroad. It was a variant of Petya. They restored their main operating systems, processes, and improved systems security. There is no evidence that personal or company data has been leaked.
Accenture
The global consulting firm Accenture was also attacked by the LockBit ransomware gang in August 2021. Cybercriminals threatened to publish the encrypted files on the dark web unless the company paid the ransom. The company spokesperson confirmed the existence of a security incident without stating that it was ransomware.
They had detected an irregular activity, as they recognized, and claimed to have solved it by containing the matter and isolating the affected servers. They restored the systems from a backup without that appearing to have impact on your operations nor in the systems of its clients. LockBit is a gang that rents its attack to third parties in exchange for a share of the ransoms, which is what has happened in this case.
Phishing and security breaches
Another vulnerability companies are exposed to is security breaches that can expose them confidential information of the company or its customers, with the consequences that this can have, as well as the phishing attacks that occur both in the companies themselves and when cybercriminals impersonate them to deceive their customers and obtain their data. We comment on some companies that have been affected by attacks of this type.
Telephone
In May 2017, Telefónica had been the victim of a cyberattack through the Wanna Decryptor ransomware, through which data from their computers was encrypted and a ransom of less than 300 euros in bitcoins was requested. This attack did not affect their clients, but their intranet. The following year, the Wannacry malware infected hundreds of multinationals and institutional bodies around the world in 2018, one of its victims being Telefónica. Despite having great IT security professionals, they were not able to stop this attack. What they acted fast They were able to solve as much as possible the leakage of customer data. It is a clear case that no matter how much protection a company has, it can be attacked and damaged by cybercriminals.
In the month of November 2021, Movistar suffered a security breach that compromised personal contact and service data hired by their clients, it is not so with their passwords and bank or payment details. Shortly after, the company announced that the hole had been blocked without giving many details of the origin of the attack. This data can later be used for identity theft attacks, such as phishing.
Sony
In November 2014, Sony Pictures suffered an attack in which its workers could not identify themselves on their computers. In addition, several Twitter accounts of films shot by her posted messages saying that they had been hacked by Guardians of the Pace, with mentions and threats to senior executives of the company. Subsequently, they published personal and private information obtained from their servers that they sent to the Internet with documents to which they had had access.
This was chaos and caused a stop of several days in the company until finally they recovered part of the normality after having hired a specialized computer security team. Although they had not done it completely and the consequences were important, especially because of the leaked information. The losses were millionaire.
AOL
AOL (América Online) is a clear example to not follow when it comes to cybersecurity because it was hacked several times. The first attack was in the year 2004 when a former engineer collected 92 million names and emails to sell to spammers who sent millions of spam to their users. In 2006, a large amount of user information was revealed.
Years later, in the 2014, investigated an incident after the Unauthorized access to your systems and networks. Because of this, they decided to change its image and it was later absorbed by Verizon.
eBay
In 2014, eBay suffered a security breach through which usernames, phone numbers, passwords and addresses of the company were revealed. The attack was the responsibility of Syrian Electronic, who claimed that they only did it for entertainment without taking any of the leaked data. Users did not have to fear a leak of their personal information.
What they did do is modify the design of the web by changing the main pages with your logo. Although no data appears to have been disclosed at the time, the main consequence for the company was the drop in its subsequent share prices. What was a show for the attackers affected the company financially.
Ashley madison
The attack on Ashley Madison is especially important because of the activity of the company, since it is a dating platform designed for married or engaged people. The platform was hacked for not having correctly protected the information and data on users, compromised people who sought maximum privacy, appeared among the data, names of politicians and celebrities.
The company had to pay millions of euros in fines, compensation and cybersecurity fixes, in part due to not delivering what they promised in their service. But this attack carried out in 2015 not only affected the business, but also many of its users due to the leaks made. There was talk of extortion attempts and even suicides. It was a topic that gave a lot to talk about, both at an official level and information that has not been confirmed.
Although in the month of October Facebook had a fall that affected the millions of users who use its services, this was not the result of a cyberattack as they have been able to clarify in the company. This is not to say that they have never suffered one. Long ago, he was exposed to a leakage of personal data that affected more than 533 million users out of a total of 106 countries. The leaked data were the identifiers of the social network, addresses, mobile phones, biographies and emails. Any internet user can have access to this stolen data a long time ago, but they were tried to sell much later by various forums. The personal information of about 11 million Spaniards has been published for free of data belonging to a security breach ofl 2019.
In September of 2018, data from more than 50 million accounts of the company. Experts said at the time they were studying whether the accounts were misused or the information was actually accessed as they found no evidence to suggest the accounts had been compromised.