Although cybersecurity has improved tremendously, the threat of cyber crimes is still relatively high. In fact, quite a few cybersecurity breaches took place worldwide throughout 2022. Below, we have the top cybersecurity breaches of 2022.
The Uber Breach
Although cyber attacks against Uber seem quite normal, they also seem to be controversial in nature. The latest 2022 attack took place in September and caused a breach that penetrated internal networks on a deep level. When the breach took place, the hacker gained access to employee dashboards, cloud storage, internal databases, G-suite tools, and Slack workspace.
The only way that the breach was known was by the hacker announcing it through a channel on Slack. Uber quickly disabled their systems and servers, but it is unclear of how much of an impact resulted from the breach.
It is believed that the breach took place when an account for a contractor was used for system access. To prevent future breach attempts, Uber remains proactive in system security keeping their codebase and access points locked so that future breaches are avoided.
The Red Cross Breach
A data breach that was quite surprising happened against the Red Cross in 2022. Unfortunately, there was a system vulnerability that allowed the attack to be sophisticated. Once the breach took place, it exposed a substantial amount of data that was sensitive and confidential.
The breach led to a high amount of risk for individuals who are vulnerable, such as those who are missing, refugees, or detainees. The data breach also included data from worldwide societies of the Red Cross.
It is still unknown why the breach took place or what the attacker plans to do with the data since no ransom exists for it.
The Crypto.com Breach
Regardless of implementing a significant amount of security, Crypto.com still managed to be breached due to its poor management. This is what happened in January 2022 and affected more than 450 wallets connected to the blockchain. This breach enabled the hackers to claim over $30 million in cryptocurrency.
Somehow, the two-step authentication was bypassed and access to the wallets was direct. Although the breach was denied at first, the blockchain later admitted that the breach took place and millions of cryptocurrencies were stolen.
Security experts were brought in to take a look at how bad the Crypto.com breach was and how much it affected the infrastructure and to ensure that future attacks are prevented.
Ukraine Government Breach
When the war in Ukraine began, several hacking groups began cyber-attacks against institutions in Ukraine. A major attack that took place was against Ukraine’s Ministry of Internal Affairs.
A breach was also made against the security council in Ukraine. Sensitive data concerning Ukrainian citizens became leaked and it was believed to single out citizens and have them detained if they were to resist the occupation.
Besides the singling out of citizens, the breach also involved disrupting satellites and making internet access restricted. In total, there were at least 6.5 million citizens affected by the breach.
In retaliation, many websites and databases in Russia were hacked which led to the exposure of Russian soldier data.
The TransUnion South Africa Breach
Based in Brazil, the hacker group known as N4aughtysec took control of the South Africa location of TransUnion and made a ransom of $15 million. Once compromised, the data of more than 600,000 businesses and 5.5 million individuals were exposed. This data involved many consumer names, addresses, email, birth dates, and credit scores.
However, the most embarrassing part was the fact that the password set by TransUnion was supposed “password”.
The Costa Rican Breach
Costa Rica has been subjected to numerous cyber attacks and breaches throughout the government. These breaches have affected several organizations and made them permanently offline.
During the 2022 breach, the hackers demanded a $20 million ransom in order for the data to be returned decrypted. Because of the seriousness, a state of emergency was declared as the breach had an impact on the entire country’s infrastructure.
The Plex Breach
Plex experienced an August 2022 vulnerability that was on a massive scale and exposed millions of app user data. The information accessed included usernames, email, passwords, and other personal information.
The cause of the breach was repaired and users were notified to make password changes and to implement a higher amount of authentication.
The breach did not involve financial data since none is stored in their data systems. Also, higher sophisticated encryption would be implemented by Plex to deter future breach attempts.
The Credit Suisse Breach
At Credit Suisse, a breach took place that affected more than 30,000 accounts. These accounts were owned by corrupt leaders and many other high-profile individuals. It is believed that the value was more than $100 billion.
The breach took place out of anger at the laws governing secrecy at Swiss banks. Despite any alleged misconduct on Credit Suisse’s part, any misconduct was ultimately denied.
The Twitter Breach
As July 2022 came around, Twitter was breached using a vulnerability known as 0-day that allowed data to be leaked. User information was then identified by the hacker by matching phone numbers and emails that belonged to the accounts. The amount of Twitter users were in the millions and ultimately, the data got sold by the hacker.
The vulnerability has since been repaired and Twitter has apologized. The interesting part is that Twitter was aware of the vulnerability before the breach took place, but did nothing to prevent it.
How Future Data Breaches Can Be Prevented
When a company wants to prevent a data breach from happening, they need to understand that these cyberattacks occur often, no matter how large an institution is. This makes it imperative to have your business prepared for the worse ahead of any possible data breach. You can hire a cybersecurity provider like MyTek, or there are measures you can take yourself.
When a breach does take place, you are able to take back control as soon as an attack is realized:
Remain observant – When data is being stored by a third party and it becomes breached and stolen, you will be notified of what to do. You should then know what the data was and work to have any future breaches prevented.
Get Passwords Changed – In order to practice great security, it is important to have measures in place. These measures need to involve password changes company-wide.
Instill higher security authentication – When the authentication is a higher level of security that will prevent access even though the password is exposed through the breach.
Instil anonymity – By utilizing phone numbers and emails that are anonymous, your identity will be unknown and your name will not be exposed. You can also incorporate SIMs that are prepaid so that you do not need to worry about any direct account belonging to you becoming attacked. This will also be difficult for you to be located.
Get in touch with your bank – When a security breach has made your financial information vulnerable, you need to get in touch with your bank and have account alerts in place to prevent fraud or activity that seems suspicious. When an activity that is out of the ordinary is noticed in your bank account, you should have the account temporarily frozen until the threat is removed.