Top 10 Cyber Breaches of 2022 Which We Should Learn From

Data breaches are happening all over the world at an alarming rate. Post-pandemic, the global reliance on digital solutions and the Internet of Things has increased unexpectedly. While this boosted the business prospects for various companies, cyberspace has become the favored crime scene for threat actors. As per a survey conducted by Cybercrime Magazine, cybercrimes are expected to dent the global economy by USD 10.5 trillion by 2025.

While this is disturbing, we can always learn from our mistakes. Lessons that will help us fortify the infrastructure better than before and allow us to stay prepared for any disastrous attacks. Let’s look at the world’s biggest cyber attacks of 2022 and see what we can learn from them.

Cyber breaches of 2022

1) Google’s Successful Aversion of the Largest DDoS Attack

In the most significant distributed denial of service (DDoS), Google was targeted by threat actors. It is the biggest DDoS threat ever recorded, as Google experienced 46 million requests per second in June.

The threat actors targeted Google’s Cloud Armor for more than an hour using an HTTPS connection. They also targeted the IT giant through 5,256 IPs from over 100 countries. As per Google, this DDoS is the largest as it is 76 percent higher than the previously recorded DDoS attack. 

2) Twitter Acknowledges Millions of Account’s Data Stolen

According to Cyber Security Hub, a hacker using the nickname “devil” allegedly offered to sell the information for 5.4 million Twitter accounts on July 27.

The hacker claimed to have obtained the data by utilizing a flaw reported to Twitter on January 1. On August 5, Twitter acknowledged the breach and advised users to enable two-factor authentication to protect their accounts from unauthorized logins.

A Twitter vulnerability that was found in January of this year was the cause of the data leak. Zhirinovskiy, who reported it to vulnerability coordination and bug bounty portal HackerOne, found the issue. Even if the user has blocked this activity in the privacy settings, the vulnerability enables any party to acquire a Twitter ID (practically equivalent to gaining the username of an account) of any user by providing a phone number or email.

The Twitter Android client’s permission procedure, notably the step where it checks for account duplication, is to blame for the flaw, according to Zhirinovskiy. However, he later confirmed Twitter had fixed the vulnerability.

3) Meta Fires Employees Suspected to be Insider Threats

The Wall Street Journal reported on November 17 that 12 Meta workers had received disciplinary and were terminated for violating Facebook’s terms of service and taking over user accounts.

The workers had been resetting Facebook account access via a tightly controlled internal access tool known as “OOps,” some of whom were contractors working as security guards at the internet company’s facilities. Following allegations that they exploited OOPS to let hackers fraudulently access several Facebook accounts in return for thousands of dollars worth of Bitcoin, one employee was fired.

4) Texas Department of Insurance Cyber-Attack

The shocking breach affected 1.8 million people. Another increasingly favorite targets for hackers are state and local government agencies. But in this case, the perpetrator of the incident at the Texas Department of Insurance may have been the government agency itself. TDI reported in March about a “security issue with a TDI web application that manages workers’ compensation information.”

TDI said the data breach was caused by programming code that allowed internet access to a protected application area. Sensitive data that could have been accessed included Social Security numbers, date of birth, and other personal information.

5) Samsung’s Source Code Stolen

Samsung suffered a massive setback in March when LAPSU$, a hacker group, stole its source code. Samsung acknowledged this breach by warning its customers. However, the breach allowed LAPSU$ to access the customers’ personal information.

Unfortunately, the woes for Samsung didn’t end there as a class lawsuit landed upon the telecom giant. The petitioner, Shelby Harmer, alleged that Samsung’s negligence had made the data vulnerable to LAPSU$.

Samsung confirmed the attack on March 7, stating that “source code relating to the operation of Galaxy devices” was compromised. Still, the company reassured that customer and employee data were safe and that there was no need for customers to take any individual actions. It did not comment on whether LAPSU$ demanded a ransom payment before the leak.

6) Shields Health Care Group Data Breached

This data hack exposed the data of 2 million people. Shields Health Care Group, located in Quincy, Massachusetts, said in June that it was looking into a data security compromise that looked to have affected nearly 2 million individuals at many local healthcare institutions.

Shields Health Care Group stated that it was informed in March of “suspicious behavior that may have entailed data intrusion” and that after conducting an investigation, it was found that an unidentified actor had access to several Shields systems between March 7 and March 21, 2022.

The research also showed that the unidentified attacker acquired specific data during that period. However, the data, which included names, Social Security numbers, and insurance information, was not utilized to perpetrate identity fraud or theft, according to Shields.

7) BidenCash Data Sale on Dark Web

Carding markets are dark web sites where individuals trade credit card information stolen in exchange for financial wrongdoing, typically involving vast amounts of money. The information of 1,221,551 credit cards was freely made available via the carding platform BidenCash on October 12, 2022.

In addition to other information required to conduct online purchases, a file on the website included information for more than 1.2 million credit cards expiring between 2023 and 2026. BidenCash already disclosed information on thousands of credit cards to promote the website in June 2022.

8) Phishing attack leaves Dropbox source code vulnerable

On October 14, 2022, a phishing assault that targeted the company’s workers led to a hostile actor gaining access to 130 of the company’s source code repositories. During the attack, a hostile actor pretended to be the code integration and delivery platform CircleCI to collect workers’ login information and authentication codes. Since CircleCI login credentials may also be used to access Github, it obtained access to Dropbox’s account. The hacker was able to access some of the platform-stored code that Dropbox uses, including the API keys that its developers utilize.

9) Breach Triggers Costa Rican National Emergency

Hackers took over the Costa Rican government’s finance ministry in April of this year. To give the government access back after they had taken control of the ministry’s computer systems, these hackers sought US$10 million. In addition, the hackers shut down about 30 government organizations when the government objected.

The nation’s tax systems were halted due to the attack by the Russian ransomware gang Conti. As a result, exports were negatively impacted, and worker payments were delayed. In addition, 97% of Conti’s material collected through its attack had been disclosed by May. The predicament became so out of control that the government eventually declared a national emergency.

Unfortunately, this wasn’t the only cyberattack the Costa Rican government experienced. In June, the Hive ransomware organization targeted the nation, threatening to cut off access to its social security system in exchange for USD5 million in Bitcoin. In addition, the attack rendered the government unable to report COVID-19 results appropriately.

10) Cash App Data Hack

Employers frequently advise staff to safeguard against cyberattacks and other online catastrophes. But these safeguards will be rendered redundant if a former employee, who knows the mechanisms of the organization, initiates the data breach. This cyber attack is one of the biggest hacks, as the fallout affected about 8.2 million people.

As per CNN: More than 8 million Cash App Investing customers may have had personal data compromised after a former employee downloaded internal reports without permission, parent company Block Inc revealed. … Information in the reports accessed by the former employee included customers’ full names, brokerage account numbers, and the personal identification number associated with a customer’s stock activity on the platform.

Capping it Off

Having an infrastructure that is IT-reliant is a potential target for threat actors. The attacks are only rising and are predicted to stunt the economy substantially. We live in a world where cyber-attacks are now perceived to be regular. However, despite the common perception, the attacks are pretty jarring and affect not just the operations but also the reputation of a company. From the above attacks, one must understand that human error and lack of expertise have cost many companies and governments a good deal of their resources. These errors can be averted by reaching out to StealthLabs. Based out in Texas, we have delivered customized solutions to clients of various sectors. Reach out to us, and walk away with a solution that suits you best.

Contact Us

More Cyber Security News: