Biggest data breaches, hacks of 2021

In 2021, thousands of new cybersecurity incidents were recorded – and although cryptocurrency theft and loss of data is now commonplace, this year stands out with several high-profile incidents involving ransomware, chain attacks. procurement and exploitation of critical vulnerabilities.

The Identity Theft Research Center (ITRC) reported an increase by 17% of the number of data breaches recorded in 2021 compared to 2020. However, a deep-rooted lack of transparency around the disclosure of security incidents continues to persist – and so this may be a low estimate.

According to IBM, the average cost of a data breach has now reached more than $ 4 million, while Mimecast estimates that the average demand for ransomware on U.S. businesses is well over $ 6 million. the world record for the largest payment, made by an insurance company this year, now stands at $ 40 million.

Read on: He is the perfect ransomware victim, according to cybercriminals | Cost of corporate data breaches hit record high during COVID-19 pandemic |

Experts have warned that the security issue could persist for years with the recent emergence and rapid exploitation of the Log4j vulnerability. This also applies to data breaches, breaches and theft, the numbers of which are unlikely to decrease in the near future.

Here are some of the most notable security incidents, cyber attacks and data breaches of 2021.


  • Live Corner: Following an alleged hack in December, the Livecoin cryptocurrency exchange closed its doors and exited the market in January. The Russian Trade Post claimed that the threat actors were able to break in and falsify the values ​​of cryptocurrency exchange rates, causing irreparable financial damage.
  • Microsoft Exchange Server: One of the most damaging cybersecurity incidents this year was the widespread compromise of Microsoft Exchange servers caused by a set of zero-day vulnerabilities known collectively as ProxyLogon. The Redmond giant became aware of the flaws in January and released emergency fixes in March; however, the state-sponsored threat group Hafnium was joined by others for months after attacks on unpatched systems. Tens of thousands of organizations have reportedly been compromised.
  • Meetmindful: The data of more than two million users of the dating app has reportedly been stolen and disclosed by a hacking group. The leaked information included everything from full names to Facebook account tokens.


  • SITA: An IT provider of aviation services around the world, SITA, has said that a security incident involving the servers of SITA’s passenger service system led to the exposure of personally identifiable information belonging to airline passengers. Airlines involved in the data breach were then required to contact their customers.
  • ATFS: A ransomware attack against payment processor ATFS forced several US cities to send data breach notifications. The group of cybercriminals that claimed responsibility, Cuba, claimed to have stolen a wide range of financial information from their leak site.


  • Mime: Due to the Solarwinds supply chain attack disclosed in December 2020, Mimecast found itself the recipient of a malicious software update that compromised the company’s systems. Mimecast said its production grid environment was compromised, resulting in the exposure and theft of source code repositories. In addition, certificates issued by Mimecast and certain client server connection datasets were also factored into the violation.
  • Attached: Tether faced an extortion demand from cyber attackers who threatened to release documents online that “would harm the Bitcoin ecosystem.” The request, for around $ 24 million or 500 Bitcoin (BTC), was met on deaf ears as the blockchain organization refused to pay.
  • CNA Financial: CNA Financial employees were unable to access company resources and were stranded following a ransomware attack that also involved the theft of company data. The company reportedly paid a ransom of $ 40 million.


  • Facebook: A data dump of information belonging to more than 550 million Facebook users has been posted online. Facebook IDs, names, dates of birth, gender, location and relationship status have been included in logs, which Facebook – now known as Meta – was collected through scratching in 2019.


  • Colonial pipeline: If there has ever been an example of the impact of a cyberattack on the physical world, it is the cyberattack experienced by Colonial Pipeline. The fuel pipeline operator was hit with ransomware, courtesy of DarkSide, resulting in fuel delivery disruption and panic buying across the United States. The company paid a ransom, but the damage was already done.
  • Omiai: Japanese dating app said unauthorized entry may have led to the exposure of data belonging to 1.7 million users.


  • Volkswagen, Audi: The automakers have disclosed a data breach affecting more than 3.3 million customers and some potential buyers, the majority of whom were based in the United States. An associated vendor has been singled out as the cause of the breach, suspected of being responsible for exposing this data in an insecure manner at “some point in time” between August 2019 and May 2021.
  • JBS United States: The international meat packaging giant suffered a ransomware attack, attributed to the ransomware group REvil, which had such a disastrous impact on operations that the company chose to pay an $ 11 million ransom in exchange for it. ‘a decryption key to restore access to its systems.


  • UC San Diego Health: UC San Diego Health said employee email accounts were compromised by malicious actors, leading to a larger incident in which patient, student, and employee data, potentially including medical records, claims information, prescriptions, treatments, social security numbers, etc. were exhibited.
  • The British hunting rifles, rifles and shooting equipment trade website said records of around 100,000 gun owners, including their names and addresses, had been published online. As the ownership and supply of firearms is tightly controlled in the UK, this leak has caused serious privacy and personal safety concerns.
  • Kaseya: A vulnerability in a platform developed by IT service provider Kaseya was exploited to affect approximately 800 to 1,500 customers, including MSPs.


  • T Mobile: T-Mobile experienced another data breach in August. According to reports, names, addresses, Social Security numbers, driver’s licenses, IMEI and IMSI numbers, and customer credentials have been compromised. It is possible that around 50 million existing and potential customers have been affected. A 21-year-old man took responsibility for the hack and claimed to have stolen around 106 GB of data from the telecommunications giant.
  • Poly Network: Blockchain organization Poly Network revealed an Ethereum smart contract hack used to steal more than $ 600 million in various cryptocurrencies.
  • Liquid: More than $ 97 million worth of cryptocurrency has been stolen from the Japanese cryptocurrency exchange.


  • Finance Cream: The decentralized finance organization (DeFi) Cream Finance reported a loss of $ 34 million after exploiting a vulnerability in the project’s market system.
  • AP-HP: Paris public hospital system, AP-HP, was targeted by cyber attackers who successfully scanned the personal information of individuals who passed COVID-19 tests in 2020.
  • Debt-IN Consultants: South African debt collection firm says cyberattack resulted in ‘significant’ incident with impact client and employee information. Personal information, including names, contact details, salaries and employment records and debts owed, are suspected to be involved.


  • Coinbase: Coinbase sent a letter to around 6,000 users after detecting a “third-party campaign to gain unauthorized access to Coinbase customer accounts and transfer customer funds out of the Coinbase platform.” The cryptocurrency was taken without the permission of certain user accounts.
  • Neiman marcus: In October, Neiman Marcus made public a data breach that occurred in May 2020. The intrusion was not detected until September 2021 and included the exposure and potential theft of more than 3.1 million credit cards. customer-owned payment, although most are considered invalid or expired.
  • Argentina: A hacker claimed to have compromised the Argentine government’s National Register of Persons, thereby stealing the data of 45 million people. The government denied the report.


  • Panasonic: Japanese tech giant revealed a cyberattack took place – a data breach occurring from June 22 to November 3, with a discovery on November 11 – and admitted information was viewed on a file server .
  • Squid game: Cryptocurrency operators jumping on the popularity of the Netflix Squid Game show (though not officially associated) have crushed the value of the SQUID token in what appears to be an exit scam. The value fell from a high of $ 2,850 to $ 0.003028 overnight, losing millions of dollars to investors. An anti-dumping mechanism ensured that investors couldn’t sell their tokens – and could only look in horror at the value of the destroyed coin.
  • Robin Hood: Robinhood disclosed a data breach impacting approximately five million users of the trading application. Email addresses, names, phone numbers and more were accessible through a customer support system.


  • Bitmart: In December, Bitmart said a security breach allowed cyber attackers to steal around $ 150 million in cryptocurrency and caused total losses, including damage, reaching $ 200 million.
  • Log4j: A zero-day vulnerability in the Log4j Java library, a remote code execution (RCE) vulnerability, is now actively exploited in the wild. The bug is known as Log4Shell and is now being turned into a weapon by botnets, including Mirai.
  • Kronos: Kronos, an HR platform, was the victim of a ransomware attack. Some Kronos Private Cloud users are now facing an outage that can last for weeks, and right before Christmas as well.

Prior and related coverage

Do you have any advice? Contact us securely via WhatsApp | Call +447 713 025 499, or on Keybase: charlie0

About Jon Moses

Check Also

Intel promises “substantial contributions” to the growth of RISC-V • The Register

Analysis Here’s something that would have seemed odd just a few years ago: to help …