The Biggest Data Breaches of 2022 & What Caused Them

We’ve come a long way on the technological front, with IoT devices now dominating every corner of our lives. Despite all these advances, cybercrime is still a nagging problem and it continues to pose a significant risk to the global population. The number of data breaches in the first quarter of 2022 was higher than in 2021, with cyber attacks contributing to 92% of the breaches we saw across the year. 

Diving into the numbers, this year’s second quarter alone witnessed nearly 52 million data breaches. To put things into perspective in monetary terms, IBM recently revealed data breaches cost companies a staggering $4.35 million on average for a single incident. Data breaches also affected the healthcare industry the worst, with a single incident typically costing over $10 million.

The Top 12 Data Breaches in 2022

Let’s take a look at the biggest data breaches of 2022, how they impacted the affected companies, and the key learnings from each incident. We’ve rated the incidents in order of increasing severity based on factors like the scale of attack, the potential number of affected users, and the monetary losses incurred.

#12: Uber Data Breach

Uber's security update on their website following the data breach
Uber said the attacker compromised a contractor account leading to the breach

Uber’s been a victim of repeated and rather controversial cyber attacks. In September 2022, the company suffered what researchers called a ‘total compromise’, when an attacker gained access to their deep internal networks

The threat actor accessed Uber’s Slack workspace, cloud storage, G-suite tools, and even its internal databases and employee dashboards. The company came to know about the data breach when the attacker announced it themselves in a Slack channel. Uber took several servers and systems offline but it’s unclear how much data was impacted. 

As investigations continue, what’s emerged is that the attacker used an Uber contractor’s account to gain access to the systems. The company has been proactive this time around, securing its systems and locking down its codebase and access points to prevent further damage.

#11: Red Cross Data Breach

The Red Cross Society website with the data breach updates
The Red Cross cyberattack exposed 515,000 vulnerable individuals’ personal data

One of the rather more surprising 2022 data breaches is the Red Cross cyber attack which happened in January. Attackers used a critical vulnerability in Red Cross’s systems to mount a sophisticated attack on the International Committee of the Red Cross (ICRC). 

The targeted attack exposed highly confidential data. This directly puts over 515,000 vulnerable individuals at significant risk, including refugees, detainees, and missing persons. The breach exposed several global Red Cross societies’ data. 

The attackers’ intent still remains unclear as they didn’t demand any ransom. Following the incident, ICRC made a humanitarian appeal to the attackers, requesting they withhold from leaking, selling, and sharing the data.

#10: Data Breach website with the customer advisory following the cyberattack
Threat actors are increasingly targeting crypto and blockchain platforms

While the blockchain is intrinsically highly secure and transparent, data breaches can still impact user data if not properly managed or if centralized controls still remain. In January, a massive data breach affected nearly 500 digital cryptocurrency wallets, with hackers walking away with more than $30 million in Bitcoin, Ethereum, and other cryptocurrencies.

The attackers were able to bypass two-factor authentication and directly access user wallets. The company initially denied the attack but later changed its stance and admitted the hackers stole customer funds. hired third-party experts to assess the system’s security infrastructure and prevent similar attacks in the future.

#9: Russia-Ukraine Cyberwar

The message Russian attackers posted on Ukranian government websites following the cyberattacks
Russia-Ukraine cyberwar saw several government sites being defaced

Russian state-backed agencies launched several attacks on Ukrainian institutions, including the Ministry of Internal Affairs, which supervises the border forces and police. They also breached Ukrainian security councils’ systems. The attackers acquired sensitive citizen data, reports believe, to identify Ukrainian individuals who could resist occupation and detain them.

Ukrainian security forces claimed Russia used massive attacks to target individual Ukrainians as the invasion progressed. The attackers took down satellite modems in Ukraine, restricting access to the internet. A hacker group named ‘Cyber Army of Russia’ stole more than 7 million citizens’ personal information. 

Things took an unexpected turn when Ukraine’s volunteer ‘global cyber army’ hacked several Russian websites and leaked more than 1600 Russian soldiers’ personal information and other data. The incident highlights how cyberwarfare is gaining prominence even as nations battle on the ground.

#8: TransUnion South Africa Data Breach

TransUnion South Africa website's official announcement of the data breach
TransUnion South Africa said the data breach compromised 5 million customers’ personal data

N4aughtysec, a Brazil-based hacker organization hacked TransUnion South Africa’s systems, demanding a huge $15 million ransom. 

The compromised TransUnion server exposed more than 5 million South African consumers and 600,000 businesses’ personal data. The leaked data includes names, email addresses, credit scores, physical addresses, and dates of birth.

Much to everyone’s utter shock and the credit giant’s embarrassment, the hackers claimed the password securing the TransUnion server in question was literally “password” itself.

#7: Costa Rica Cyber Attacks

Costa Rican president makes a media statement about political motivations behind the cyberattacks
Costa Rica declared a state of emergency following a series of massive data breaches

Attackers have repeatedly subjected Costa Rican government institutions to data breaches, affecting more than 30 organizations whose server systems are now completely offline.

In what experts called an “unprecedented” attack, a ransomware gang called the Conti group leaked 600 GB of confidential government data, demanding $20 million to decrypt the ransomed information. 

The Costa Rica data breach was so serious, President Rodrigo Chavez declared a state of emergency. The government reported losses amounting to millions of dollars.

In April and then again in May this year, threat actors compromised extensive Costa Rican networks, impacting everything from healthcare services in rural regions to overseas trade. 

#6: Plex Data Breach

Plex website homepage
The Plex data breach compromised 20 million user records

In August, the leading American media service app provider Plex reported a massive data breach affecting nearly 20 million users. Attackers compromised highly confidential information including customer email addresses, usernames, and passwords. 

Plex patched the vulnerability in their systems which led to the attack and requested users to reset their passwords and activate multi-factor authentication.

The company clarified hackers did not steal credit card information as they store none on their systems. Plex further said they’d hashed passwords using strong encryption which would take sophisticated technologies to crack. 

#5: Credit Suisse Data Leak

The Credit Suisse press release following the data breach
The Credit Suisse leak revealed human traffickers and criminals among the bank’s customers

Hackers broke into the private banking giant Credit Suisse’s internal systems, exposing sensitive customer data. The data breach exposed as many as 30,000 customer accounts, which belonged to high-profile war criminals, human traffickers, corrupt leaders, and state heads. 

Estimates value these accounts at over $100 billion, placing this among the biggest 2022 data breaches. An anonymous Credit Suisse whistleblower leaked the data to Süddeutsche Zeitung, a German daily, expressing anger at Swiss banking secrecy laws. 

A massive public outburst followed against Credit Suisse for not conducting the requisite due diligence on their clients. The bank, however, denied any allegations about its business conduct.

#4: Ronin Network Data Breach

Ronin's official data breach announcement tweet
The Ronin Network data breach, costing $625 million, is the biggest in the crypto world so far

Cryptocurrency thefts are nothing new but what happened in April 2022 shocked the blockchain world to its core. Ronin Network, known for its popular blockchain gaming platform Axie Infinity, saw a massive data breach unlike any other ever seen before in the crypto sphere. 

Hackers, which US officials believed to be the Lazarus Group, accessed the Ronin platform and stole funds amounting to a whopping $625 million.

The platform had to reimburse its customers which added to the losses. Experts have called this the biggest crypto hack in history and have cautioned blockchain platforms to maintain security strongholds to ensure an incident this grave is never repeated.

#3: Twitter Data Breach

Twitter's official announcement of the 2022 data breach on their website
Attackers scraped 5.4 million user records from Twitter exploiting a 2021 known vulnerability

In July this year, a cybercriminal used a 0-day vulnerability to leak data from the microblogging platform. The hacker then worked out a way to link email addresses and phone numbers to individual Twitter user profiles to successfully identify them. The breach impacted nearly 5.4 million Twitter users. The attacker also sold the data scraped from the platform. 

The hacker exploited a vulnerability introduced by a code update in 2021 and Twitter patched the vulnerability post the incident. The company issued an apology and requested users who wished to remain anonymous to not use their public email addresses and phone numbers with their Twitter accounts.

Interestingly enough, a threat hunter had already pointed out the vulnerability in the platform in January 2022, with Twitter recognizing his findings too. This wasn’t the only major incident Twitter faced this year — in August the company’s ex-head of security filed a damning whistleblower report about the company’s security practices.

#2: Optus Data Breach

Optus CEO's official statement on the Optus website
Optus data breach is one of Australia’s biggest, exposing 10 million customers’ confidential data

In what could well be Australia’s worst-ever data breach, Optus, the country’s telecommunications giant, admitted to a massive cyber attack that directly exposed its 10 million customers’ personal data — which amounts to nearly 40% of the national population. The announcement came in September 2022.

According to Optus, the data leaked included both current and former customers’ phone numbers, residential addresses, names, driving license numbers, and passport numbers.

The attacker demanded a $1 million ransom and posted customer database samples online. While Optus claimed this was a “sophisticated” attack, the hacker said they’d used simple freeware available to anyone online to orchestrate the system intrusion. 

The Australian government said the data breach puts about 2.8 million people in the nation at critical identity theft and fraud risk. 

#1: Samsung Data Breach

Samsung website with the official data breach announcement
Samsung data breach potentially compromised the data of millions of customers worldwide, including their precise geolocation

Among major data breaches in 2022, the cyber attack on Samsung in July sticks out. Least of which because the company only publicly announced it in August. Threat actors breached the electronics behemoth’s US servers and stole customers’ sensitive personal data. It’s unknown how many users the attack affected but media reports consider this a massive data breach at an unprecedented scale.

While Samsung has customers running in millions all around the globe, in its breach notice, the company maintains the attack only affected “certain” users’ personal information, including product registration numbers, names, date of birth, demographic information, and contact details.

Samsung said it stores this data in accordance with strict privacy laws to provide the “best experience” possible to its customers and the company is working with leading experts to know more about the breach. 

Following the cyber attack, 10 class suits have been filed in the US against Samsung for failing to protect sensitive data — including millions of people’s precise geolocation.

This is the second data breach on Samsung this year, with the first striking in March when the Lapsus$ group stole confidential company information and source codes. Estimates revealed threat actors acquired nearly 190 GB of data in the attack.

The Other 2022 Data Breaches You Should Know About

This year’s list of data breach-affected companies is long and still growing as new victims find themselves affected every day. Let’s take a moment to go over the other significant cyber attacks of 2022 — not as major as the ones discussed earlier but still serious enough to warrant a mention.

Nvidia Data Breach

Lapsus$ broke into leading GPU maker Nvidia’s servers in February. The ransomware attack leaked nearly 71,000 employee records— likely both current and former. 

The attackers leaked 1 TB of confidential Nvidia data including upcoming graphics card models and source code.

News Corp Cyber Attack

News Corp, the American mass media company, revealed bad actors have compromised its servers continuously since 2020. The data breaches did not compromise any customer data as the hackers only used their journalists’ email. The company claims espionage as the root cause of the attacks.

Microsoft Data Breach

The Lapsus$ group targeted Microsoft in March, potentially compromising several Microsoft services including Cortana and Bing. Two days after the hackers announced their attack on Telegram, Microsoft secured its systems and said the incident affected only one account.

Cybersecurity evangelists praised Microsoft’s proactive and prompt response which prevented the attack from doing greater harm.

LastPass Data Breach

In August 2022, LastPass, the popular password manager, admitted to a data breach wherein an unauthorized third-party gained access to the company’s internal systems.

LastPass said threat actors had access to their servers for 4 days but did not steal any user data, including customer passwords. The company said the attackers successfully acquired some proprietary source code though.

LastPass data breach notice on their website
LastPass said the 2022 data breach did not expose customer passwords

OpenSea Data Breach

The popular NFT marketplace announced a massive data breach when a contracted vendor misused their access privileges to get into sensitive customer data. OpenSea said the attack affected potentially all its users, with the attackers accessing their email addresses, putting them at targeted phishing risks.

Does a VPN Protect Against Data Breaches?

A VPN secures internet traffic end-to-end from your device to the destination server. However, the remote server still sees all the data you send and can process and store it in accordance with its privacy policy and terms of use. 

If threat actors then intrude on the web server, they can theoretically access your information. Unfortunately, the only 100% guaranteed way to protect your information against a potential data breach is to not use the web service at all and abstain from revealing your data on any platform. Given how digitally-ingrained our lives are now, that’s not always possible.

You can definitely bolster your online security with simple measures though, minimizing attack risk while still enjoying your favorite services. A VPN protects against some cyber attacks which include Man-in-The-Middle (MiTM) attacks and Distributed Denial of Service (DDoS) attacks. 

These incidents typically happen when an attacker snoops on your internet traffic and sees what you’re accessing. A VPN encrypts all your information, so all an attacker sees is nonsensical data.

A VPN protects you from data breaches in other ways too. It masks your real IP address and replaces it with your selected VPN server’s IP. If the web service you connect to via the VPN logs your IP address, or if it employs a tracker that does so, it won’t ever see your real IP. Any data breaches the web service suffers won’t leak your IP address either. A premium VPN like CyberGhost helps throw ad trackers and data brokers off their tracks to an extent. We also use DNS-based filtering to actively stop malicious websites and downloads.  

VPN Data Breaches in 2022

VPN data breaches aren’t uncommon but they can have serious consequences considering users trust VPN services with highly sensitive data. Untrustworthy VPNs log your data which includes your IP address, browsing history, and connection logs. 

A data breach can reveal all this information, putting you at an even greater risk than you’d be in if you hadn’t used a VPN in the first place.

Gecko VPN page on Google Play Store
A massive data breach exposed 21 million user records— all customers of free VPN providers

In May 2022, hackers broke into three popular VPN networks, namely GeckoVPN, SuperVPN, and ChatVPN — all free VPN services. The attackers then posted the stolen personal data on Telegram for anyone to download for free. 

The cyber attack compromised 21 million users’ data, making this one of the biggest data breaches of 2022 in the VPN sector. The exposed data, nearly 10 GB in volume, includes customers’ email addresses, payment methods, salted passwords, residence countries, and names. This leaked data puts customers at an increased risk of identity theft as well as targeted phishing attacks. Threat actors can misuse sensitive information to pose as legitimate entities and trick you into revealing even more data. 

Premium VPNs like CyberGhost have a strict No Logs policy and we back that up with our quarterly Transparency Reports so you don’t just have to take our word for it. We use RAM-only servers which means CyberGhost doesn’t collect any of your data, so we can’t leak anything even if our servers are ever compromised.

How Does CyberGhost VPN Keep You Safe?

CyberGhost VPN has a highly secure global server network which we constantly monitor for your security and optimal performance. Our service not only masks your real IP address, but we also encrypt your internet traffic with military-grade 256-bit AES encryption. This means anyone snooping on your network, be they a cybercriminal or even your ISP,  is in for utter disappointment.

CyberGhost VPN embodies privacy and security at its very core. We realize the only way to ensure true privacy is to not collect any data at all. Unlike most free VPNs which log your data, we have a strict No Logs policy which doesn’t let us collect any of your information. Your IP address, browsing history, connection logs — everything remains yours and yours alone. 

Our servers are RAM-only, which means we don’t have any hard disks that can store your data so you leave absolutely no trail. Since we don’t store any sensitive data when you connect to our servers, any data breach we might suffer has nothing to reveal.

CyberGhost VPN also has unique security features including advanced Wi-Fi protection. You can configure it to automatically turn the VPN on when connecting to a new Wi-Fi network — a great way to stay secure even on public Wi-Fi hotspots that harbor cybercriminals. 

What Should You Do After a Data Breach?

When it comes to data breaches, for most companies, it’s often a question of ‘when’ rather than ‘if’. Considering how common these attacks are, even with major tech giants, it’s imperative that you prepare yourself for a data breach to minimize its impact on your personal and professional life.

If a data breach leaks your personal data, here’s how you can brace yourself in the moments immediately following the attack to secure yourself:

          • Stay vigilant: When a company which stores your data faces a data breach, they’ll typically send out alerts with the next steps to secure your account. Follow all communications closely to know exactly what data the breach leaked and work with the company to prevent further damage.
          • Change your passwords: It’s good security practice to regularly change all your passwords across apps and websites anyway. Following a data breach, immediately change the affected password and create a new, stronger password
          • Enable multi-factor authentication: Enable multi-factor authentication on the affected account. This way, even if someone has access to your password following a data breach, they’ll not be able to log into your accounts without an additional authentication factor. Consider using authenticator apps or text-based authentication for all your online accounts for greater protection.
          • Use anonymous email addresses and phone numbers: When you sign up for an account with any app or website, use an anonymous email address that isn’t publicly associated with your name or work. Similarly, you can use a second, prepaid SIM card when creating an account, especially if you have a dual-sim phone. This makes it harder for an attacker to track you down or abuse 2FA if they do a SIM swap on your first SIM card.
          • Contact financial institutions: If a data breach has compromised your social security number and payment information, contact your financial institution to alert them to monitor your account for suspicious activity. If a threat is imminent, consider temporarily freezing your affected financial accounts to prevent misuse.
          • Search your personal information online: It’s not uncommon for attackers to post stolen information online after a data breach. If you find your physical address or other details posted online, contact the website or search engine to request that they delete your personal information.
          • Delete accounts you no longer use: We’re all guilty of signing up for multiple accounts on far more websites than we actually need. This increases the attack surface, raising data exposure risks following a leak. Reduce your digital footprint and restrict revealing personal information on sites. Delete the accounts you no longer use to digitally shred their associated data.
          • Use a VPN to secure yourself online: Use a VPN like CyberGhost to protect your data from network snoopers. If an attacker targets you following a data breach which revealed your personal information, a VPN can greatly help mask your identity online. In addition, VPNs also protect against some cyber attacks, particularly on unsecured networks.

What the 2022 Data Breaches Mean for Our Digital Future

Data breaches continue at an alarming rate and can reveal extremely sensitive information. The most common reasons for a data breach include malicious insiders, malware, phishing, and software vulnerabilities. 

The writing on the wall is clear — enterprises will need to invest more in newer security measures and more innovative ways to mitigate cyber attacks. AI and automation can hold the key to ensure early detection and reduce the severity and costs associated with crisis management.

That’s not up to you, though. For your part, you can stay proactive to protect your information from a data breach. Follow the tips in this guide to protect your data and use CyberGhost VPN to secure your traffic on any network and protect against DDoS and MiTM attacks. 

CyberGhost VPN offers easy-to-use apps for all your devices and comes with a risk-free 45-day money-back guarantee. Test drive all our features to your heart’s content and get a full refund if you’re not satisfied for any reason.


How many major data breaches have there been in 2022?

Reports confirm 23.65 million reported data breaches by the third quarter of 2022, with a 167% increase in the 3rd quarter over the previous quarter. As the year comes to a close, this number will certainly rise. Those impacted include big tech companies like Samsung, Nvidia, and Microsoft, and also SMEs and startups. There’s been a significant increase in data breaches for centralized cryptocurrency and blockchain platforms as well. 
Major VPN cyber attacks also happened in 2022, where free VPNs compromised personal data belonging to millions. CyberGhost VPN does not store any user logs when you use our services, and our servers are RAM-only, so you leave no permanent footprints on our network. 

What are the top 3 biggest data breaches of 2022?

The biggest data breaches of 2022 include the Samsung and Twitter data breaches in July, and the Optus cyber attack in September. In addition, data breaches impacted major entities like Microsoft, Ronin Network, Credit Suisse, Plex, and the Costa Rican government.
Data breaches can expose confidential information including your IP address, which can reveal your geolocation. Use CyberGhost VPN to mask your IP address and replace it with our server’s IP. This is one way to make it difficult for a threat actor to trace your information back to your real identity and location.

How many accounts were hacked in 2022?

The potential number of hacked accounts in 2022 will likely run into the billions with so many companies experiencing cyber attacks. According to an estimate, threat actors exposed a mind-boggling 99.2 million records in July 2022 alone. Attackers steal nearly 68 data records every second based on current data, so you can imagine the sheer magnitude of the data breach landscape. 
Cyber attacks take many forms and public Wi-Fi hotspots are particularly vulnerable as they’re cybercriminals’ favorite avenue of attack. CyberGhost VPN has an advanced Wi-Fi protection feature which keeps you secure even on unsecured networks. You can configure our app to automatically enable VPN protection when connecting to any new Wi-Fi network.

What are the most recent data breaches?

Among the most recent data breaches that made headlines is the September 2022 Optus data breach in Australia. The telecom giant admitted to attackers gaining access to their internal systems and exposing approximately 10 million customers’ highly confidential data.
When filling out online forms on websites, abstain from providing sensitive personal information to reduce data leak risks later. If you’d like to raise your internet security a notch higher, we recommend using CyberGhost VPN which helps increase your anonymity online. It’s a great way to reduce your digital footprint when you provide information to remote web servers vulnerable to data breaches. 
Try CyberGhost VPN worry-free with our 45-day money-back guarantee.

Leave a comment

Write a comment

Your email address will not be published. Required fields are marked*