The Biggest Data Breaches of 2022 & What Caused Them

We’ve come a long way on the technological front, with IoT devices now dominating every corner of our lives. Despite all these advances, cybercrime is still a nagging problem and it continues to pose a significant risk to the global population. The number of data breaches in the first quarter of 2022 was higher than in 2021, with cyber attacks contributing to 92% of the breaches we saw across the year. 

Diving into the numbers, this year’s second quarter alone witnessed nearly 52 million data breaches. To put things into perspective in monetary terms, IBM recently revealed data breaches cost companies a staggering $4.35 million on average for a single incident. Data breaches also affected the healthcare industry the worst, with a single incident typically costing over $10 million.

The Top 12 Data Breaches in 2022

Let’s take a look at the biggest data breaches of 2022, how they impacted the affected companies, and the key learnings from each incident. We’ve rated the incidents in order of increasing severity based on factors like the scale of attack, the potential number of affected users, and the monetary losses incurred.

#12: Uber Data Breach

Uber’s been a victim of repeated and rather controversial cyber attacks. In September 2022, the company suffered what researchers called a ‘total compromise’, when an attacker gained access to their deep internal networks. 

The threat actor accessed Uber’s Slack workspace, cloud storage, G-suite tools, and even its internal databases and employee dashboards. The company came to know about the data breach when the attacker announced it themselves in a Slack channel. Uber took several servers and systems offline but it’s unclear how much data was impacted. 

As investigations continue, what’s emerged is that the attacker used an Uber contractor’s account to gain access to the systems. The company has been proactive this time around, securing its systems and locking down its codebase and access points to prevent further damage.

#11: Red Cross Data Breach

One of the rather more surprising 2022 data breaches is the Red Cross cyber attack which happened in January. Attackers used a critical vulnerability in Red Cross’s systems to mount a sophisticated attack on the International Committee of the Red Cross (ICRC). 

The targeted attack exposed highly confidential data. This directly puts over 515,000 vulnerable individuals at significant risk, including refugees, detainees, and missing persons. The breach exposed several global Red Cross societies’ data. 

The attackers’ intent still remains unclear as they didn’t demand any ransom. Following the incident, ICRC made a humanitarian appeal to the attackers, requesting they withhold from leaking, selling, and sharing the data.

#10: Crypto.com Data Breach

While the blockchain is intrinsically highly secure and transparent, data breaches can still impact user data if not properly managed or if centralized controls still remain. In January, a massive Crypto.com data breach affected nearly 500 digital cryptocurrency wallets, with hackers walking away with more than $30 million in Bitcoin, Ethereum, and other cryptocurrencies.

The attackers were able to bypass two-factor authentication and directly access user wallets. The company initially denied the attack but later changed its stance and admitted the hackers stole customer funds. 

Crypto.com hired third-party experts to assess the system’s security infrastructure and prevent similar attacks in the future.

#9: Russia-Ukraine Cyberwar

Russian state-backed agencies launched several attacks on Ukrainian institutions, including the Ministry of Internal Affairs, which supervises the border forces and police. They also breached Ukrainian security councils’ systems. The attackers acquired sensitive citizen data, reports believe, to identify Ukrainian individuals who could resist occupation and detain them.

Ukrainian security forces claimed Russia used massive attacks to target individual Ukrainians as the invasion progressed. The attackers took down satellite modems in Ukraine, restricting access to the internet. A hacker group named ‘Cyber Army of Russia’ stole more than 7 million citizens’ personal information. 

Things took an unexpected turn when Ukraine’s volunteer ‘global cyber army’ hacked several Russian websites and leaked more than 1600 Russian soldiers’ personal information and other data. The incident highlights how cyberwarfare is gaining prominence even as nations battle on the ground.

Stay Protected Against Cyber Attacks

#8: TransUnion South Africa Data Breach

N4aughtysec, a Brazil-based hacker organization hacked TransUnion South Africa’s systems, demanding a huge $15 million ransom. 

The compromised TransUnion server exposed more than 5 million South African consumers and 600,000 businesses’ personal data. The leaked data includes names, email addresses, credit scores, physical addresses, and dates of birth.

Much to everyone’s utter shock and the credit giant’s embarrassment, the hackers claimed the password securing the TransUnion server in question was literally “password” itself.

#7: Costa Rica Cyber Attacks

Attackers have repeatedly subjected Costa Rican government institutions to data breaches, affecting more than 30 organizations whose server systems are now completely offline.

In what experts called an “unprecedented” attack, a ransomware gang called the Conti group leaked 600 GB of confidential government data, demanding $20 million to decrypt the ransomed information. 

The Costa Rica data breach was so serious, President Rodrigo Chavez declared a state of emergency. The government reported losses amounting to millions of dollars.

In April and then again in May this year, threat actors compromised extensive Costa Rican networks, impacting everything from healthcare services in rural regions to overseas trade. 

#6: Plex Data Breach

In August, the leading American media service app provider Plex reported a massive data breach affecting nearly 20 million users. Attackers compromised highly confidential information including customer email addresses, usernames, and passwords. 

Plex patched the vulnerability in their systems which led to the attack and requested users to reset their passwords and activate multi-factor authentication.

The company clarified hackers did not steal credit card information as they store none on their systems. Plex further said they’d hashed passwords using strong encryption which would take sophisticated technologies to crack. 

#5: Credit Suisse Data Leak

Hackers broke into the private banking giant Credit Suisse’s internal systems, exposing sensitive customer data. The data breach exposed as many as 30,000 customer accounts, which belonged to high-profile war criminals, human traffickers, corrupt leaders, and state heads. 

Estimates value these accounts at over $100 billion, placing this among the biggest 2022 data breaches. An anonymous Credit Suisse whistleblower leaked the data to Süddeutsche Zeitung, a German daily, expressing anger at Swiss banking secrecy laws. 

A massive public outburst followed against Credit Suisse for not conducting the requisite due diligence on their clients. The bank, however, denied any allegations about its business conduct.

Secure Your Online Transactions

#4: Ronin Network Data Breach

Cryptocurrency thefts are nothing new but what happened in April 2022 shocked the blockchain world to its core. Ronin Network, known for its popular blockchain gaming platform Axie Infinity, saw a massive data breach unlike any other ever seen before in the crypto sphere. 

Hackers, which US officials believed to be the Lazarus Group, accessed the Ronin platform and stole funds amounting to a whopping $625 million.

The platform had to reimburse its customers which added to the losses. Experts have called this the biggest crypto hack in history and have cautioned blockchain platforms to maintain security strongholds to ensure an incident this grave is never repeated.

#3: Twitter Data Breach

In July this year, a cybercriminal used a 0-day vulnerability to leak data from the microblogging platform. The hacker then worked out a way to link email addresses and phone numbers to individual Twitter user profiles to successfully identify them. The breach impacted nearly 5.4 million Twitter users. The attacker also sold the data scraped from the platform. 

The hacker exploited a vulnerability introduced by a code update in 2021 and Twitter patched the vulnerability post the incident. The company issued an apology and requested users who wished to remain anonymous to not use their public email addresses and phone numbers with their Twitter accounts.

Interestingly enough, a threat hunter had already pointed out the vulnerability in the platform in January 2022, with Twitter recognizing his findings too. This wasn’t the only major incident Twitter faced this year — in August the company’s ex-head of security filed a damning whistleblower report about the company’s security practices.

#2: Optus Data Breach

In what could well be Australia’s worst-ever data breach, Optus, the country’s telecommunications giant, admitted to a massive cyber attack that directly exposed its 10 million customers’ personal data — which amounts to nearly 40% of the national population. The announcement came in September 2022.

According to Optus, the data leaked included both current and former customers’ phone numbers, residential addresses, names, driving license numbers, and passport numbers.

The attacker demanded a $1 million ransom and posted customer database samples online. While Optus claimed this was a “sophisticated” attack, the hacker said they’d used simple freeware available to anyone online to orchestrate the system intrusion. 

The Australian government said the data breach puts about 2.8 million people in the nation at critical identity theft and fraud risk. 

#1: Samsung Data Breach

Among major data breaches in 2022, the cyber attack on Samsung in July sticks out. Least of which because the company only publicly announced it in August. Threat actors breached the electronics behemoth’s US servers and stole customers’ sensitive personal data. It’s unknown how many users the attack affected but media reports consider this a massive data breach at an unprecedented scale.

While Samsung has customers running in millions all around the globe, in its breach notice, the company maintains the attack only affected “certain” users’ personal information, including product registration numbers, names, date of birth, demographic information, and contact details.

Samsung said it stores this data in accordance with strict privacy laws to provide the “best experience” possible to its customers and the company is working with leading experts to know more about the breach. 

Following the cyber attack, 10 class suits have been filed in the US against Samsung for failing to protect sensitive data — including millions of people’s precise geolocation.

This is the second data breach on Samsung this year, with the first striking in March when the Lapsus$ group stole confidential company information and source codes. Estimates revealed threat actors acquired nearly 190 GB of data in the attack.

Protect Your Mobile Device

The Other 2022 Data Breaches You Should Know About

This year’s list of data breach-affected companies is long and still growing as new victims find themselves affected every day. Let’s take a moment to go over the other significant cyber attacks of 2022 — not as major as the ones discussed earlier but still serious enough to warrant a mention.

Nvidia Data Breach

Lapsus$ broke into leading GPU maker Nvidia’s servers in February. The ransomware attack leaked nearly 71,000 employee records— likely both current and former. 

The attackers leaked 1 TB of confidential Nvidia data including upcoming graphics card models and source code.

News Corp Cyber Attack

News Corp, the American mass media company, revealed bad actors have compromised its servers continuously since 2020. The data breaches did not compromise any customer data as the hackers only used their journalists’ email. The company claims espionage as the root cause of the attacks.

Microsoft Data Breach

The Lapsus$ group targeted Microsoft in March, potentially compromising several Microsoft services including Cortana and Bing. Two days after the hackers announced their attack on Telegram, Microsoft secured its systems and said the incident affected only one account.

Cybersecurity evangelists praised Microsoft’s proactive and prompt response which prevented the attack from doing greater harm.

LastPass Data Breach

In August 2022, LastPass, the popular password manager, admitted to a data breach wherein an unauthorized third-party gained access to the company’s internal systems.

LastPass said threat actors had access to their servers for 4 days but did not steal any user data, including customer passwords. The company said the attackers successfully acquired some proprietary source code though.

OpenSea Data Breach

The popular NFT marketplace announced a massive data breach when a contracted vendor misused their access privileges to get into sensitive customer data. OpenSea said the attack affected potentially all its users, with the attackers accessing their email addresses, putting them at targeted phishing risks.

Does a VPN Protect Against Data Breaches?

A VPN secures internet traffic end-to-end from your device to the destination server. However, the remote server still sees all the data you send and can process and store it in accordance with its privacy policy and terms of use. 

If threat actors then intrude on the web server, they can theoretically access your information. Unfortunately, the only 100% guaranteed way to protect your information against a potential data breach is to not use the web service at all and abstain from revealing your data on any platform. Given how digitally-ingrained our lives are now, that’s not always possible.

You can definitely bolster your online security with simple measures though, minimizing attack risk while still enjoying your favorite services. A VPN protects against some cyber attacks which include Man-in-The-Middle (MiTM) attacks and Distributed Denial of Service (DDoS) attacks. 

These incidents typically happen when an attacker snoops on your internet traffic and sees what you’re accessing. A VPN encrypts all your information, so all an attacker sees is nonsensical data.

Encrypt Your Online Connection

VPN Data Breaches in 2022

VPN data breaches aren’t uncommon but they can have serious consequences considering users trust VPN services with highly sensitive data. Untrustworthy VPNs log your data which includes your IP address, browsing history, and connection logs. 

A data breach can reveal all this information, putting you at an even greater risk than you’d be in if you hadn’t used a VPN in the first place.

In May 2022, hackers broke into three popular VPN networks, namely GeckoVPN, SuperVPN, and ChatVPN — all free VPN services. The attackers then posted the stolen personal data on Telegram for anyone to download for free. 

The cyber attack compromised 21 million users’ data, making this one of the biggest data breaches of 2022 in the VPN sector. The exposed data, nearly 10 GB in volume, includes customers’ email addresses, payment methods, salted passwords, residence countries, and names. This leaked data puts customers at an increased risk of identity theft as well as targeted phishing attacks. Threat actors can misuse sensitive information to pose as legitimate entities and trick you into revealing even more data. 

Premium VPNs like CyberGhost have a strict No Logs policy and we back that up with our quarterly Transparency Reports so you don’t just have to take our word for it. We use RAM-only servers which means CyberGhost doesn’t collect any of your data, so we can’t leak anything even if our servers are ever compromised.

How Does CyberGhost VPN Keep You Safe?

CyberGhost VPN has a highly secure global server network which we constantly monitor for your security and optimal performance. Our service not only masks your real IP address, but we also encrypt your internet traffic with military-grade 256-bit AES encryption. This means anyone snooping on your network, be they a cybercriminal or even your ISP,  is in for utter disappointment.

CyberGhost VPN embodies privacy and security at its very core. We realize the only way to ensure true privacy is to not collect any data at all. Unlike most free VPNs which log your data, we have a strict No Logs policy which doesn’t let us collect any of your information. Your IP address, browsing history, connection logs — everything remains yours and yours alone. 

Our servers are RAM-only, which means we don’t have any hard disks that can store your data so you leave absolutely no trail. Since we don’t store any sensitive data when you connect to our servers, any data breach we might suffer has nothing to reveal.

CyberGhost VPN also has unique security features including advanced Wi-Fi protection. You can configure it to automatically turn the VPN on when connecting to a new Wi-Fi network — a great way to stay secure even on public Wi-Fi hotspots that harbor cybercriminals. 

Keep Your Data Safe

What Should You Do After a Data Breach?

When it comes to data breaches, for most companies, it’s often a question of ‘when’ rather than ‘if’. Considering how common these attacks are, even with major tech giants, it’s imperative that you prepare yourself for a data breach to minimize its impact on your personal and professional life.

If a data breach leaks your personal data, here’s how you can brace yourself in the moments immediately following the attack to secure yourself:

• • • • • Stay vigilant: When a company which stores your data faces a data breach, they’ll typically send out alerts with the next steps to secure your account. Follow all communications closely to know exactly what data the breach leaked and work with the company to prevent further damage.
        • Change your passwords: It’s good security practice to regularly change all your passwords across apps and websites anyway. Following a data breach, immediately change the affected password and create a new, stronger password
        • Enable multi-factor authentication: Enable multi-factor authentication on the affected account. This way, even if someone has access to your password following a data breach, they’ll not be able to log into your accounts without an additional authentication factor. Consider using authenticator apps or text-based authentication for all your online accounts for greater protection.
        • Use anonymous email addresses and phone numbers: When you sign up for an account with any app or website, use an anonymous email address that isn’t publicly associated with your name or work. Similarly, you can use a second, prepaid SIM card when creating an account, especially if you have a dual-sim phone. This makes it harder for an attacker to track you down or abuse 2FA if they do a SIM swap on your first SIM card.
        • Contact financial institutions: If a data breach has compromised your social security number and payment information, contact your financial institution to alert them to monitor your account for suspicious activity. If a threat is imminent, consider temporarily freezing your affected financial accounts to prevent misuse.
        • Search your personal information online: It’s not uncommon for attackers to post stolen information online after a data breach. If you find your physical address or other details posted online, contact the website or search engine to request that they delete your personal information.
        • Delete accounts you no longer use: We’re all guilty of signing up for multiple accounts on far more websites than we actually need. This increases the attack surface, raising data exposure risks following a leak. Reduce your digital footprint and restrict revealing personal information on sites. Delete the accounts you no longer use to digitally shred their associated data.
        • Use a VPN to secure yourself online: Use a VPN like CyberGhost to protect your data from network snoopers. If an attacker targets you following a data breach which revealed your personal information, a VPN can greatly help mask your identity online. In addition, VPNs also protect against some cyber attacks, particularly on unsecured networks.

What the 2022 Data Breaches Mean for Our Digital Future

Data breaches continue at an alarming rate and can reveal extremely sensitive information. The most common reasons for a data breach include malicious insiders, malware, phishing, and software vulnerabilities. 

The writing on the wall is clear — enterprises will need to invest more in newer security measures and more innovative ways to mitigate cyber attacks. AI and automation can hold the key to ensure early detection and reduce the severity and costs associated with crisis management.

That’s not up to you, though. For your part, you can stay proactive to protect your information from a data breach. Follow the tips in this guide to protect your data and use CyberGhost VPN to secure your traffic on any network and protect against DDoS and MiTM attacks. 

CyberGhost VPN offers easy-to-use apps for all your devices and comes with a risk-free 45-day money-back guarantee. Test drive all our features to your heart’s content and get a full refund if you’re not satisfied for any reason.

Buy CyberGhost Now

FAQ