The Most Painful Data Breaches of 2022 and How They Could Have Been Prevented
With the year drawing to a close, now seems like a good time to reflect on some of the year’s most significant data breaches and what we can learn from them as we move into 2023. One thing that they all have in common (apart from being financially costly for both the companies involved and their customers) is that many of these unwelcome intrusions could have been prevented or safely contained by using our continuous web threat management system.
Here is our countdown of the year’s top data breaches:
10. PressReader
PressReader is the world’s largest online distributor of magazines and newspapers. In March, just after it said that it would give the people of Ukraine free access to news items, it suffered a three-day cyberattack that prevented access to its 7000+ news sources. It isn’t clear who was involved, but this data breach does appear to have been politically motivated. We often think about data breaches being about criminals looking to steal our money, but it’s worth remembering that they can also be about limiting our freedoms.
9. Red Cross
On January 18, the International Committee of the Red Cross (ICRC)’s servers were breached by unidentified hackers. This was a significant data breach that exposed the personal information of over 515,000 vulnerable people around the world.
The Red Cross’s “Restoring Family Links Program” hosts information that identifies people separated from their families due to conflict, migration, war, and disaster, along with details of missing persons and their families. This kind of attack is particularly distressing for the relatives of missing people, and contacting them posed a serious challenge for Red Cross staff. They had to telephone, write letters, and in some cases had to deliver the news in person, traveling to remote communities to contact the affected relatives.
Red Cross systems were restored following the data breach, but the fallout from this attack would have been preventable had it invested in our continuous web threat management.
8. News Corp
In February, News Corp finally owned up to data breaches that affected their servers back in February 2020. No customer data was affected, but News Corp found evidence that some of its journalists’ emails had been stolen. The company hasn’t been able to identify the culprits, but they suspect espionage.
7. Microsoft
On March 20th, a hacking group called Lapsus$ targeted Microsoft, compromising Cortana, Bing, and several other products. Microsoft managed to shut down the attempt after two days, during which only a single account was compromised and the group failed to steal any customer data. Lapsus$ had already attacked several other high-profile companies including Samsung and NVIDIA, so the Microsoft security team was ready for this data breach attempt.
6. Twitter
On July 27, the Twitter data breach saw personal information stolen from 5.4 million accounts by a hacker calling himself “devil”, who offered to sell the data. The hacker said that they were able to exploit a vulnerability Twitter had previously been told about on January 1.
The company admitted to the data breach on August 5 and advised users to enable two-factor authentication to protect their accounts from unauthorized users in the future.
5. Dropbox
On October 14, someone targeted Dropbox employees with a phishing attack, which gave them access to 130 of the repositories the company uses for source code. Once inside, the hacker posed as CircleCI, a code integration and delivery platform (and CircleCI access also gave them access to Dropbox’s GitHub account). Now, the hacker could steal employee login information. They accessed some of Dropbox’s code, including API keys that its developers used.
4. Rockstar Games
On September 19, the developer of the wildly successful Grand Theft Auto game series suffered some real-world drive-by criminality. A hacker gained access to the company’s Slack channel and managed to download and share clips and assets from its unreleased GTA 6 game, sending them to a fan forum. A 17-year-old from Oxfordshire in the UK was later arrested in connection with this data breach, and was also linked to earlier attacks on Uber and Microsoft.
3. Marquard & Bahls
In February, this German energy company was attacked, causing its IT infrastructure to become destabilized and forcing 200+ gas stations to close across Germany. This incident appears to have been a supply chain attack, and it led to companies such as Shell struggling to meet customer demand. Some experts believe that it may have been carried out by the BlackHat gang, a Russian hacking group with a history of targeting oil pipelines. Reflectiz defends against supply chain attacks by enabling active monitoring of web dependencies, such as third-party and open-source apps, and issuing timely alerts.
With energy security becoming an increasingly important issue due to the ongoing climate crisis and the war in Ukraine, it is likely that we will see more attacks on such infrastructure companies in the future.
2. Credit Suisse
Credit Suisse is one of the largest banks in the world, and unfortunately for it and 30,000 of its customers, an anonymous whistleblower leaked their data in February. The motive seems to have been to publicly draw attention to the possibly criminal goings-on of these people and the $100 billion they had deposited in the bank.
That issue aside, the whistleblower exposed the ease with which data could be leaked by one bad actor, and it highlights the need for a system like Reflectiz that tracks in-house data use and raises red flags to alert security teams about suspicious activities.
1. Google Cloud Armor
On June 1, a customer using Google Cloud Armor experienced HTTPS DDoS attacks that hit a peak of 46 million requests per second, a world record, equivalent to receiving a day’s worth of worldwide Wikipedia requests every 10 seconds. This may not have been a data breach, because it was successfully repelled, but its sheer scale merits a top place mention on this list.
No doubt, 2022 was the year of the data breach. During the third quarter of 2022, approximately 15 million data records were exposed worldwide through data breaches. This figure had increased by 37 percent compared to the previous quarter.
With Reflectiz, you can get a comprehensive map of all active third-party components on your website, reporting and exporting directly to your privacy and legal team. See who is accessing data items, how they process the data, and where they are communicating the data, all sorted by specific sensitive actions, such as user inputting data, network requests, cookies and web storage, and cross-domain trackers. Book a demo with Reflectiz today and validate the privacy policies of your third parties within minutes.