<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Fine-grained Policies. Continuous Auth-Z. Zero Trust. 🔒 Join us for the Policypalooza webinar series!
Search
Close icon
Search bar icon

Five Spine-Chilling Credential Theft Stories

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

“It is, I confess, with considerable diffidence, that I approach the strange narrative which I am about to relate. The events which I purpose detailing are of so extraordinary a character that I am quite prepared to meet with an unusual amount of incredulity and scorn. I accept all such beforehand.” Fitz-James O’Brien, What Was It?

Gather ‘round for five, real-life stories of data breach that will haunt your dreams. You’ll find no ghosts, ghouls, or vampires here—though there may be zombies

Read on if you dare…

Marriott: A Haunted Hotel

Marriott acquired Starwood Hotels in 2016 and inherited its faulty IT infrastructure, including a legacy guest reservation system that had been unknowingly compromised in 2014. Per CSO Online, “Starwood’s old system limped on, zombie-like, infected with malware, breached by hackers, and without much by way of continuity of care…” until 2018, when an internal security tool finally detected the problem. By then, attackers had encrypted and most-likely removed password and credit card data from millions of guest records. And the fright doesn’t end there. Marriott continues to face fines, lawsuits, and lost revenue related to the breach. Yikes.

Volkswagen: Is It Possible to Steal a Deceased Person’s Identity?

Apparently so. In March 2021, Audi and Volkswagen learned that an attacker may have obtained the personal data of more than three million individuals in the U.S. and Canada. A marketing services company under Volkswagen’s employ left personal information from potential customers unprotected for 21 months before the leak was discovered. The exposure included driver’s license numbers and in some cases birth dates, Social Security numbers, account or loan numbers, and tax IDs from victims both living and dead.

Stradis Healthcare: The Call Came From Inside the House

In March of 2020, a VP at Stradis Healthcare was fired. Before leaving, he created a fake-user admin account on the company’s network. He then was able to create a second illegitimate account which he used to sabotage thousands of records, causing hundreds of thousands of dollars in damage and delaying the shipment of much-needed supplies to healthcare customers. A ghoulish act indeed.

Kroger: Misery Loves Company?

In early 2021, Kroger joined the growing list of Accellion attack victims. The breach has impacted more than a hundred companies, universities, organizations, and even government agencies. Exposed data included human resources information, pharmacy records, and financials services records. So far, the breach has cost Kroger $5 million. 

Capturerx: What Lurks in the Dark?

Health IT company CaptureRx helps hospitals manage their 340B drug pricing program claims. But in February 2021, a ransomware attack exposed thousands of patient files. The compromised files contained protected health data including patient names, birthdates, and prescription information. So far, this ransomware attack on a third-party vendor has impacted more than million patients at multiple healthcare institutions.

"I can assure you," said I, "that it will take a very tangible ghost to frighten me.” H.G. Wells, The Red Room

Take heart dear reader. Although credential-based attacks can happen to anyone, with a little planning and the right tools, you can catch them early and often prevent them altogether.

Want to learn more? Sign up for our no BS demo and see for yourself. And stay tuned for our next seasonal blog post: Turkey with a Side of Credential Stuffing … or maybe not.


About the Author

, Contributing Writer and Illustrator, has a passion for helping people bring their ideas to life through web and book illustration, writing, and animation. In recent years, her work has focused on researching the context and differentiation of technical products and relaying that understanding through appealing and vibrant language and images. She holds a B.A. in Philosophy from the University of California, Berkeley. To contact Maile, visit her on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

What Is Zero Trust Data Protection?
What Is Zero Trust Data Protection?
Zero Trust Data Protection isn't just the best way to safeguard your data — given today's advanced threat landscape, it's the only way. Assuming inherent trust just because an access request is inside your network is just asking for a breach. By implementing the latest tactics in authentication, network segmentation, encryption, access controls, and continuous monitoring, ZT data security takes the opposite approach.
5 Types of Multi-Factor Authentication (MFA) Explained
5 Types of Multi-Factor Authentication (MFA) Explained
With so many advanced cyber attackers lurking on the threat landscape, a simple password is no longer enough to safeguard your sensitive data. There are many reasons to adopt MFA for your business. It supplements your security by requiring additional information from users upon their access requests—and it significantly reduces your risk of incurring a breach. Several multi-factor authentication methods are available, with varying strengths and weaknesses. Be sure to compare the differences when selecting the best fit for your operations.
StrongDM Now Delivers Continuous Authorization for Databases Through Fine-Grained Policy-based Action Control
Access is no longer the primary challenge in enterprise security; it's the actions of users that are most aligned with managing risk. By focusing on how actions are authorized, StrongDM is giving customers a more effective approach to enterprise security. Our policy-based action control ensures that, in addition to access, every user action is scrutinized, delivering a higher level of security tailored to meet the complex demands of modern enterprises.
How to Prevent SQL Injection Attacks: 6 Proven Methods
How to Prevent SQL Injection Attacks: 6 Proven Methods
SQL injection attacks remain one of the most prevalent and dangerous threats to database security. These attacks can compromise sensitive data, disrupt operations, and cause significant financial and reputational damage. Understanding how to prevent SQL injection attacks will help you foster a security-conscious organizational culture.
How To Monitor and Securely Access IoT Devices Remotely
How To Monitor and Securely Access IoT Devices Remotely
Internet of Things (IoT) devices form the backbone of many modern businesses, facilitating operations, collecting valuable data, and enhancing efficiency. However, the widespread deployment of these devices creates numerous entry points for potential attackers. Without robust security measures, you risk exposing critical systems and sensitive information to malicious actors.