In recent weeks, there has been a sharp increase in cyberattacks, which have frequently disrupted services and products that are essential to our daily lives.
The ransomware attack in May that forced the Colonial Pipeline — a key East Coastline that delivers gas to millions of people — to shut down for six days brought the frightening situation to the forefront of people’s minds. JBS USA, a food processor, was hit by a cyberattack a few days later, affecting servers that support its IT systems.
In June, several high-profile companies, including McDonald’s and Peloton, revealed that they, too, had been targeted by hackers. These incidents highlight the growing demand for cybersecurity experts, a space that’s facing a skills gap.
This month, the following companies announced that they had been hacked:
Electronics Arts
Hackers gained access to Electronic Arts’ systems, one of the largest video game publishers in the world, and stole source code for company games. The news was announced earlier this month by the company.
On June 6, hackers claimed to have obtained 780 gigabytes of data from EA (EA), including source code for Frostbite, the game engine that powers titles in the FIFA, Madden, and Battlefield series, according to online forum posts reviewed by CNN Business and vetted by an independent cybersecurity expert.
Losing control over source code, according to Brett Callow, a threat analyst at cybersecurity software maker Emsisoft, could be problematic for EA’s business.
“Source code could theoretically be copied by other developers or used to develop game hacks,” Callow explained.
According to an EA spokesperson “There was no access to player data, and we have no reason to believe that player privacy has been jeopardized. We’ve already made security improvements as a result of the incident, and we don’t expect any negative effects on our games or business.”
McDonald’s
McDonald’s announced earlier this month that it, too, had been impacted by a data breach in South Korea and Taiwan, which exposed the private information of customers and employees.
An investigation revealed a “small number of files were accessed,” some of which contained personal data such as emails, phone numbers, and addresses, according to the burger chain. In both areas, McDonald’s is contacting affected customers and regulators, claiming that payment information was not accessed.
“These tools allowed us to quickly identify and contain recent unauthorized activity on our network,” a McDonald’s (MCD) spokesperson told CNN Business. “A thorough investigation was conducted, and we worked with experienced third parties to support this investigation.”
Peloton warned Bike+ users in June about a newly discovered security threat involving the touchscreen. Researchers at McAfee discovered a flaw that allows hackers to gain access to Peloton’s bike screen and potentially spy on riders via the microphone and camera.
The threat, however, is most likely limited to the $2,495 bike used in public places like hotels or gyms. Because a hacker must physically gain access to the screen and insert a USB drive containing malicious code, this is the case. Hackers can then control the stationary bike’s screen remotely and interfere with its operating system, according to the researchers.
Fortunately, Peloton (PTON) said it is unaware of any exploits of this vulnerability, and the company has issued a mandatory software update to users to address the issue.
Volkswagen
Volkswagen and Audi announced earlier this month that they had suffered a data breach that exposed customer contact information as well as personal information such as drivers’ license numbers in some cases in the United States and Canada.
According to VW, an outside company that worked with the automakers stole at least basic contact information from more than 3 million customers or shoppers. Phone numbers, email addresses, postal mailing addresses, and, in some cases, vehicle identification numbers were among the information collected.
“We regret any inconvenience this may cause our current or potential customers,” VW USA said in a statement. “As always, we recommend that individuals remain alert for suspicious emails or other communications that might ask them to provide information about themselves or their vehicle.”
