5 of 15Image
In February, Apple experienced a breach on its corporate servers after employee computers were hit with malware, funnelled through a vulnerability in the Java Web plug-in. This attack took place only a week after Facebook was hit with a similar attack.
On February 19, the iPhone and iPad maker announced the company was working with law enforcement agencies to investigate the security breach, but there was "no evidence that any data left Apple." The tech giant said in a statement:
"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network."
A Java malware removal tool was released the same day to prevent Mac users from being hit with the same cyberattack, and Oracle subsequently patched the exploit.
Image credit: Apple
Yet another attack in February took place, this time against popular microblogging platform Twitter.
In a blog post, Twitter said "unusual access patterns" allowed the company to discover attacks on Twitter data. The subsequent investigation found that the usernames, email addresses, session tokens and encrypted versions of passwords for 250,000 users were potentially placed at risk.
The firm said that the cyberattack "was not the work of amateurs," and was unlikely to be an isolated scenario.
As a result, Twitter reset passwords for these accounts, notifying those impacted via email. In addition, the social network suggested that Java be disabled on user browsers.
Following the breach, Twitter rolled out support for two-factor authentication to bolster security.
In March this year, the popular note-taking platform's master website was hacked, and account information of its users accessed.
Evernote, known for its mobile device applications, detected the attack early on, but the hacker or group responsible were still able to access user information including names, email addresses and encrypted passwords -- the latter luckily both hashed and salted.
As a precaution, Evernote required all of its users to change their passwords.
In a statement to sister site CNET, an Evernote representative said:
"At this time we believe we have blocked any unauthorized access, however security is Evernote's first priority. This is why, in an abundance of caution, we are requiring all users to reset their Evernote account passwords before their next Evernote account log-in. We are actively communicating to our users about this attack through our blog, direct e-mails, social media, and support. This simple step of users creating strong, new passwords will help ensure that user accounts remain secure."