Top Data Breaches in February, March & April 2020

Top Data Breaches in Review: February, March & April 2020


Many companies now face data breaches in recent times.Different sectors like IT sector,Healthcare sectors,Public sectors reported data breaches in recent times.

Storing and using sensitive user data by companies are also common things.This data storing companies are the most favorite target for the hackers.This companies are now facing more cyber attacks.This major cyber attack also leads to data breach.Where millions of user data are leaked online.This makes user privacy at risk.Sometimes user data is sold in dark web or just leaked online.


data beaches-icss


Many companies face cyber attacks because they don’t maintain their cyber security.Many companies don’t have Cyber Security professionals who can manage the IT security.Small companies are also the favorite target of the hackers because they don’t maintain their cyber security.They don’t have any cyber security infrastructure.So they are easy to hack.

In this article we will show the recent data breach in February,March and April month.




Data Breach In February:

Number of data records compromised in february is 632,595,960.I this month many companies data get hacked.The hackers shared their data in web.Some of the biggest data breach are

Estee Lauder (400 million),Tetrad (120 million),Pabbly (51.2 million ),MGM Resorts (10.6 million),Lukid Party (6.54 million).In this month companies faced almost 25 Ransomware attacks,data leaked for Internal Error of 18, and companies faced 24 cyber attacks.The most breached sector is Healthcare which has  22 data breaches.Education sector which has  22 data breaches and public Sector which have 19 data breaches.

Data Breach In March:

Number of data records breach in March is almost 105.The number of data records compromised is 832,486,418. In this month many companies data get hacked.The hackers shared their data in web.Some of the biggest data breach are Weibo (538 million),Unknown database of US homeowners(201 million),Antheus Technologies (81.5 million),Dutch Government (6.9 million),Prop Tiger (2.1 million).The most sectors are The most breached sectors Healthcare which have 16 breaches,Education which have 11 breaches,Public sector which have 9 breaches.This month companies faces 10 Ransomware attack,6 internal error and 5 other cyber attacks.

Data Breach In April:

Number of data records breach in March is almost 49.The number of data records compromised is 216,141,421. In this month many companies’ data got hacked.The hackers shared their data on the web.Some of the biggest data breaches are Zoom (500,000), (600,000),Quidd (4 million ),Maropost (95 million).The most breached sectors Healthcare which have 11 breaches,Professional service which have 11 breaches,Public sector which have 9 breaches.This month companies face 12 Ransomware attacks,9 internal errors and 19 other cyber attacks.


Xiaomi sending user data to its server – A privacy concern for users

Xiaomi sending user data to its server – A privacy concern for users


Services/Bloatware safe to remove on Xiaomi devices via the ...


Xiaomi the one of the most famous mobile manufacturers in India sending browsing data to its server.Xiaomi collects user phone habits and queries they search on Xiaomi’s default browser.

According to a Cyber Security professional Xioami records all search data and items viewed on its default browser and the Mint browser.

The researcher claims that Xiaomi collects insane amounts of data.They also track incognito mode as well.

The researcher confirmed some other Xiaomi phones, including MI 10, Resmi K20, and Mi Mix 3.

After this report Xioami responded and confirmed that it collects browsing data.However the data is anonymized and users have consented to the data tracking.But it denied the claim of monitoring the incognito mode.

But the researcher was able to prove that Xioami is recording Incognito mode data as well in a video.

When researchers showed this with proof, Xiaomi said, “collection of anonymous browsing data, is one of the most common solutions adopted by internet companies”.

But the question is, the information tracked in the browser is really anonymous.

The researcher says the information tracked in the browser is compiled with the phone’s “metadata” collected by Xiaomi,which can easily identify a single person. That means the data sent to the servers can be easily correlated with a specific user.

Xiaomi also collects data using its official Apps claims by the researcher.The app’s data collected by SensorDataAPI.Which is a startup known for tracking users.

While Xioami says the data collected by Sensor Analytics remains anonymous and stored on Xiaomi’s personal servers.

Although in an official blog post-Xiaomi claims the data collecting to be aggregated and based on user consent.

In 2014 the mobile manufacturer company was found sending user’s personal data, including IMEI numbers,phone numbers and text messages to the web server in China.

This was reported in 2014.A Taiwan

Cybersecurity researchers raised this issue in a report. This issue was raised in India, Singapore, and Taiwan.

The Cybersecurity researchers also claim that he had found a zero-day vulnerability in the Xiaomi website.Where he was able to access many Xiaomi user’s data. He also found server logs, MI account username, Email, and passwords of millions of Xiaomi users.

Later Xiaomi investigates the data breach and accusations made by researchers.Xiaomi later posts a report about the vulnerability raised by the researcher.

They said they have verified the zero-day data breach allegation made by the security researcher is false.The file contains the information was their old website forum data. The information became obsolete when they launched the Xiaomi account integrated systems in 2012.

Xiaomi also says they are moving their data center in India due performance and privacy consideration.

So using the Xiaomi phone is a privacy concern for cyber security experts.Many I ternet companies collect users’ data to improve their service and product.

If data breach happened then so many users’ data will be exposed.So maintaining cyber security is very important for these companies.


Why Cybersecurity is important during the COVID 19 pandemic

Why Cybersecurity is important during the COVID 19 pandemic:


In this lockdown, many people are working and learning from home. The world is moving online at an unprecedented rate and the cyber attacks also increased for this reason.

Cybercriminals take advantage of this situation and now they try different methods. Phishing and scamming increased in recent times. Many online platforms also face cyber attacks. Hackers now try to hack online apps that are used in online meetings. Many companies now work from home and so there’s a shortage of security. Hackers now take advantage of these situations.

So at this time, cybersecurity is very important. Many companies now work online and it also increases the threat of cyber attacks.

Cybersecurity is very important right now. So companies should be aware of this type of attack.



Why Cyber security is important during the COVID 19 pandemic




Spam Mail : 

At this time many employees are getting too much spam mail. There are so many email providers who have a spam filter. That can easily find the spam mail. But some companies use their own mail server.

So companies should check their mail server security. It will help them to protect their mail server from any type of cyber attack.



Spam Mail



Phishing Attack :

In recent times phishing attacks have increased so much. Many people get phishing links by email. These phishing links sometimes look genuine and people clicked on the links. This phishing links redirect to websites that have malware or hacker tricks, people, to give sensitive data.

Employees need to check any type of link that’s not come from a trusted source. This type of phishing link can trick people easily.



Phishing Attack



Social Engineering :

This is the most common attack hackers use to steal sensitive data. Hackers use different types of social engineering methods to trick people.

Because many people are under pressure and work remotely, this type of trick can harm companies’ data. So companies should aware of their employees to check before sharing any sensitive data.


Unencrypted Connection

Any unencrypted connections can steal sensitive data. Companies need to ensure that when employees access their data remotely, their connection is secure and encrypted.

If their connection is not secure hackers can use MITM attack to steal sensitive data. So companies should use an encrypted connection.


Accessing Third-Party Apps :

Many companies work remotely right now. So many companies are doing their meeting and conference online. Many companies have their own infrastructure but many companies use third-party Apps.

So hackers now try to exploit these apps to hack into the system. When companies use third-party Apps they must ensure security. If any apps they find vulnerable they must use the latest version of the App or find an alternative of this App.

These are some security measures you can check to ensure the cybersecurity company. You can also use VAPT service, which can find a vulnerability in your Network, Web App, or Android apps.

This type of vulnerability testing is done by industry experts. They can help you to find the vulnerability in your IT infrastructure. So you can easily fix that problem to secure your company from any type of cyber attack.