The year 2022 saw some of the most significant and damaging data breaches in the history of the internet. The world witnessed several high-profile data breaches that exposed the sensitive information of millions of users. These breaches affected businesses, governments, and individuals alike, leaving them vulnerable to identity theft, fraud, and other cyber threats. With advancements and sophistication in technology, cybercriminals have also evolved their method of attacking networks.
This article will discuss the top 10 data breaches that occurred in 2022.
10. Costa Rica Government Data Breach
The Costa Rican government was breached by The Conti ransomware gang. The group accessed the government’s systems & stole sensitive data, demanding $20 million. Thus, forcing the Central American government to declare an emergency. Around 670 GB of data, which was 90% of the total, got leaked a few weeks later.
9. Twitter Data Breach
This data breach resulted from a vulnerability that came to light in January 2022. In July 2022, an alias hacker went rogue when he posted on a hacking forum that they were in possession of 5.4 million Twitter accounts data for sale. The stolen data contained the users’ personal information like their Twitter handle. The hacker even announced a minimum of $30,000 for the database.
8. DoorDash Data Breach
In August 2022, food delivery giant DoorDash confirmed a data breach of 4.9 million customers, workers, and merchants exposed to large amounts of personal information. They had confirmed in a blog post that it was the target of a sophisticated phishing campaign.
DoorDash said the attackers accessed customers’ names, addresses, and delivery details. The hackers accessed partial payment card data, such as card type and the last four digits of the card number.
7. Optus Data Breach
In September 2022, Australian telecommunications giant Optus had a subscriber base of approx. 9.7 million were hit by a massive data breach that exposed names, dates of birth, phone numbers, and email addresses. A group of customers allegedly had physical addresses and personally identifiable information (PII) like driving licenses and passport numbers leaked.
Several reports revealed that the company’s firewall was breached to get users’ information.
6. MediBank Data Leak
Australian Healthcare & Insurance company MediBank disclosed the hack occurred on November 7, 2022. The hacker gained unauthorized access and stole about 9.7 million customer data. The stolen data included confidential and PII on medical coding procedures of patient diagnoses carried out by healthcare professionals.
As MediBank refused to pay a ransom, the hacker group leaked their patient’s data online.
5. WhatsApp Attempted Data Breach
In November 2022, a hacker posted a dataset to BreachForums claiming to have obtained the latest personal information of 487 million WhatsApp users across 84 countries.
In the post, the alleged criminal said those buying the datasets would receive “very recent mobile numbers” of WhatsApp users. According to the hacker, those records contained details for 32 million US users, 11 million UK users, and 6 million German users. But, the hacker had not disclosed the tactic to get such massive user data.
4. T-Mobile Data Breach
In August 2022, T-Mobile suffered a significant data breach exposing the personal information of over 37 million customers. A cybercriminal had gained unauthorized access to the company’s systems and stole the data. The data contained customers’ names, addresses, phone numbers, and social security numbers.
T-Mobile immediately launched an investigation offering free monitoring services to the affected customers. It is evident to have effective data breach response & Cyber Security measures.
3. Amazon Data Breach
In October 202 2, Amazon suffered a data breach exposing millions of customers’ data. The breach occurred to a third-party vendor who stored the data on an unsecured server that was accessed by unauthorized parties. The stolen data included customers’ names, addresses, and credit card information. Details of viewed content and user preferences were also exposed and details about the user’s subscription.
This breach highlighted the importance of strong security measures for third-party vendors and the need for regular audits of data storage mechanisms. Amazon took down the affected server and launched an investigation into the breach. They also offered free credit monitoring services to affected customers.
2. Facebook Data Breach
In November 2022, Facebook suffered a data breach that exposed the personal information of over 1 million users. The reason for this breach was a vulnerability in the platform’s code that allowed the attackers to bypass the company’s security measures and gain access to data. Around 400 fraudulent apps that targeted internet users to disclose their login information came to light. Meta has contacted Apple and Google about this problem to stop customer data from being compromised again.
1. JP Morgan Chase Data Breach
In October 2022, JP Morgan Chase said that it was aware that a hacker group had blocked the bank’s network infrastructure and claimed that the company’s operational functionality remained unaffected.
Summary
All the above cyberattacks and data breaches, and those not listed in this blog, always highlight the importance of prompt action and tightened Cyber Security measures. It does not matter how large the organization is and its market share and popularity among users. Despite the best technological infrastructure, cybercriminals can gain access to networks, and the larger and more reputed the organization, the larger the scope for financial and reputational loss.
About SNS
Secure Network Solutions (SNS) provides a quantifiable, risk-based approach to building a global structure of cyber security infrastructure based on internationally recognized frameworks and practices. We have been providing services and catering to clients across industries for the last 22 years. Write to us at [email protected] or visit us at www.snsin.com.
