The main cyberattacks and data breaches of 2021: ransomware is once again the protagonist of the biggest incidents

It is difficult to select which have been the biggest cyberattacks and security breaches of the entire year 2021. One of the most striking data has been caused by an old Facebook security breach, for which more than 500 million personal data of Facebook users were leaked online. Although this was known in April 2021, the vulnerability occurred in 2019. The figure is astronomical, but still far from what is considered the largest in history, for now, the so-called Collection. Only in the "first" of its five deliveries more than 700 million were leaked.

Numbers that make other types of gaps seem “smaller” to us, in different ways. There have been many attacks, failures and security breaches that have come to light in recent months, indicating a worrying upward trend in the number of incidents, which is also supported by the main reports. During some of the periods this year, practically a major security incident per week was known. "There goes one more" was heard.

These facts have a double reading. On the one hand, many of them have ended up filling minutes or pages of general media, which certainly has an impact on the visibility of the need and importance of cybersecurity. On the other hand, as little pleases and much tires, there is also the risk of getting used to it, and downplaying it. Just like a data breach of a few hundred users doesn't seem that relevant, compared to the millions of data leaked in other of them.

Far from this, each new incident has to be a shock that drives us to solve it. And it is that the biggest cyberattack or security breach is yet to be known.

Cyber ​​attacks and data breaches in 2021: ransomware and extortion

As for the type of attacks, as in 2019 and 2020, this year the king continues to be ransomware and its different variants, such as double extortion.

Among the most notorious ransomware cases, in our country SEPE stands out above all because of the repercussions it has had in every way.

According to data provided by the Spanish Data Protection Agency, this year 1,647 security breaches have been reported in Spain.

Comparatively, until December 2020, 1,113 security breaches were reported, 534 fewer than in 2021. In other words, so far in 2021, 48% more information breaches have been reported than the previous year.

According to AEPD reports, a total of 1,460 notifications were received in 2019. In 2020, notifications amounted to 1,370.

This year has also seen some of the consequences of not managing personal data correctly, such as the fine imposed on Vodafone

Month Security breach notifications Notifications due to malware / ransomware
January 2021 88 30
February 2021 146 82
March 2021 177 83
April 2021 158 68
May 2021 185 94
June 2021 143 55
July 2021 126 fifty*
August 2021 70 22
September 2021 150 27
October 2021 117 36
November 2021 135 54
December 2021 142 42
*As of July there is a change in the way of displaying the data in the report, in the “Means” section. Until June 2021 it is expressed as “Malware (Ransomware and others)”. As of July, this section is expressed as: "Cyber ​​incident: Encrypted device / kidnapping of information".

what the reports say

The different reports that have been published throughout the year do not fail to support the trend that can be seen with the naked eye. Not only certifying the increase in the number of cyberattacks, but also in the increase in the costs that these have for those who suffer them, starting with the economic ransoms requested by cybercrime.

Los principales ciberataques y brechas de datos de 2021: el ransomware vuelve a ser protagonista de los mayores incidentes

For example, Check Point warns that 40% more weekly cyberattacks on companies are taking place globally during 2021, compared to 2020 data.

Studies point to ransomware as the main headache for companies and users. According to the Sophos State of Ransomware report, 37% of businesses have been affected by this type of malware in 2021.

For its part, Palo Alto Networks states that the average ransom figure is around 4.7 million euros, which implies an increase of 518% compared to what cybercriminals requested in 2020, which was close to 430 thousand euros . And it is that according to IBM data, bailouts have had the highest average cost in 2021 in the last 17 years.

And not only ransomware lives cybercrime. Although they are not as famous, other types of cyber attacks are increasing vertiginously. Without going any further, Kaspersky warns that the number of attacks on IoT devices (Internet of Things) has doubled in a year, and Spain has become the main recipient of spam.

Biggest cyberattacks and data breaches of 2021

Below is a compilation of the main cyberattacks and data breaches that have occurred throughout 2021, the most notable depending on the number of people affected by a data breach or the severity and impact of the cyberattack.

January

Microsoft Exchange (Global). A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered on Microsoft Exchange servers, giving attackers full access to user emails and passwords on the servers. affected, administrator privileges on the server and access to devices connected to the same network.

TikTok (Global). A TikTok vulnerability exposed users' private information.

February

Washington State Auditor's Office (USA). A security incident compromised the personal information of more than 1.6 million people who filed unemployment claims in 2020.

University of Oxford (UK). One of its laboratories dedicated to Covid-19 research has suffered a cyberattack. The affected systems included machines used to prepare biochemical samples.

Professional offices (Spain). Hundreds of Spanish law firms and advisors affected by a ransomware cyberattack

Palace of Congresses of Valencia (Spain). The Valencian city council is once again the victim of a scam, which is added to the four million perpetrated on the EMT in 2019. On this occasion, 21,020.11 euros have been stolen from the Palacio de Congresos due to identity theft.

Florida Water Supply, USA Fortunately, an attacker who tried to poison a Florida city's water supply by remotely altering the sodium hydroxide levels in the water was unsuccessful.

March

SEPE (Spain). The State Public Employment Service was the victim on March 9, 2021 of a ransomware cyberattack that caused the entity to be paralyzed and delayed for a long period of time. Ryuk has been the ransomware behind the attack.

Steel (Global). Tech company is attacked with ransomware; one of the largest bailouts to date (50 million euros) is demanded.

Municipality of Castellón (Spain). A ransomware cyberattack paralyzed the electronic headquarters, the tax portal and the computer system.

April

Facebook (Global). An old Facebook security breach has left 533 million phone numbers and other personal data exposed.

LinkedIn (Global). It takes over from Facebook, with a data breach that supposedly affected 500 million users, although the social network itself denied it.

Castilla-La Mancha University (Spain) . The University of Castilla-La Mancha (UCLM) suffers a ransomware cyberattack.

Phone House (Global). It has suffered a ransomware attack with more than 3 million data affected. Here you can read the statement published by the company.

Apple (Global). The apple company has been affected by a ransomware cyber attack on one of its suppliers, whose ransom amounts to 50 million euros.

Deloitte (Global). Data from the consultant have been put up for sale in a forum on the net.

INE and Ministries (Spain). A series of cyberattacks have brought down the websites of the Ministry of Justice, Education and Economy, and the National Institute of Statistics.

Real Madrid (Spain). A cybercriminal has accessed the computer system, stealing player data, contracts and budgets

May

Glovo (Global). The delivery company has suffered a cyber attack on the database of its customers and delivery men.

Galician companies (Spain). Several Galician companies have been extorted by a ransomware attack.

Colonial Pipeline (USA). The ransomware attack that hit Colonial Pipeline, the operator of America's main oil pipeline, caused real chaos. It is considered the largest computer attack on critical infrastructure, and the gateway could be in a compromised password.

City Council of Oviedo (Spain) . A ransomware cyberattack disables the council's services.

June

Ministry of Labor (Spain). The Ministry suffers another computer attack, three months after the one that affected SEPE, again by the same Ryuk ransomware.

Florida Hospital (USA) UF Health Central Florida is the victim of a ransomware attack that forces them to go back to pen and paper.

Volkswagen (USA and Canada). Data of 3.3 million Volkswagen and Audi users in North America leaked

July

Kaseya (Global). More than 1,500 companies around the world have been affected by the ransomware cyberattack on Kaseya, an American IT software management company that has been the victim of a supply chain attack.

August

Zurich Insurance (Spain). The insurer has suffered the theft of databases from its clients in Spain. The cybercriminals put the data up for sale on the dark web. More than 26,000 customers were affected. This is the official statement issued by the company.

T-Mobile (Global). A cyberattack on T-Mobile affects the data of more than 50 million users. This statement signed by the company's CEO is published a few days later.

September

ANZ (New Zealand). A cyber attack brings down the websites of financial institutions and other entities in New Zealand.

GSS / Canal de Isabel II (Spain). The entity suffers a ransomware cyberattack that leaves its telephone service blocked through the root of its GSS provider, Grupo Covisian.

UN. The entity confirms a cyber attack on parts of its infrastructure.

October

Twitch (Global). The streaming platform was the victim of a leak of confidential information about the company and the income of streamers. More than 100 GB of data was published.

Melia (Global). The hotel group suffered a ransomware cyberattack that affected several hotels.

Gas stations in Iran (Iran) . They were paralyzed after a computer attack that disabled user cards to access fuel

Autonomous University of Barcelona (Spain). A cyberattack leaves the UAB without service, forcing classes to be canceled and compromising 650,000 files.

November

MediaMark and Saturn (Global). The retail chain has suffered a ransomware cyberattack that has affected its stores.

IKEA (Global). The company is affected by a cyber attack due to a phishing attack in which its employees fell.

December

Log4j vulnerability. The zero-day vulnerability in the Apache Log4j logging package has become the biggest cyber threat in recent years, affecting millions of potential victims, and the consequences are expected to last for a long time.

Health Service of the Principality of Asturias (Spain). A ransomware cyber attack on the computer network of the Principality of Asturias has directly affected the computer system of the Central University Hospital of Asturias.

(First published: December 29, 2021. Update: January 28, 2022)

Share this: