Data breaches have been on the rise for a number of years, and unfortunately this trend is not slowing down. The past year or so has been littered with thefts of sensitive information. Data breaches have impacted businesses and organizations of all shapes, sizes and sectors, and they cost US companies millions in damages.
The widespread data leak at T-Mobile that occurred in the past year, for example, cost the company 350 million dollars in 2022, and that was in customer payouts alone. This puts companies under more obligation than ever to secure their networks, make sure employees have strong passwords, and train their employees to spot the telltale signs of phishing campaigns.
Below we have compiled a list of significant recent data breaches (and some major data leaks) that have occurred since January 1, 2022, dated to the date they were first reported in the media.
January 2023
January 30th
Data Breach at JD Sports: Hackers may have accessed the personal information of up to 10 million people after a data breach at fashion retailer JD Sports, which owns JD, Size?, Millets, Blacks and Scotts. JD Sports CFO Neil Greenhalgh told the Guardian that the company advises its customers "to be vigilant for potential fraudulent emails, calls and texts" and "provides details on how to report them".
20 January
T-Mobile Data Breach: T-Mobile has suffered another data breach, this time affecting around 37 million postpaid and prepaid customers whose data hackers have accessed. The company claims that while the issue was only discovered on January 5 of this year, the intruders are believed to have been exfiltrating data from the company's systems since late November 2022.
As mentioned in the introduction to this article, this is not the first time that T-Mobile has fallen victim to a high-profile cyber attack impacting millions of customers. After last year's attack that compromised the data of 76 million customers, the company pledged to spend $150 million to improve its data security - but the latest attack raises serious questions about whether it was well spent.
18 January
MailChimp Data Breach: Another data breach for MailChimp, just six months after the previous one. MailChimp claims that a social engineering attack allowed an attacker to gain access to its systems and then access data attached to 133 MailChimp accounts. It bodes ill for the company, as the attack method is strikingly similar to last year's breach and casts serious doubts on its security protocols.
PayPal Data Breach: A letter sent to PayPal customers on January 18, 2023, states that on December 20, 2022, "unauthorized persons" were able to access PayPal customer accounts with stolen credentials.
PayPal goes on to say that the company has "no information" about the misuse of this personal information or "any unauthorized transactions" on customer accounts and that there is no evidence that the customer information was stolen from PayPal's systems.
6 January
Chick-fil-A Data Breach: Fast-food chain Chick-fil-A is investigating "suspicious activity" related to a select number of customer accounts. The company has published information about what customers should do if they notice suspicious activity on their accounts and advised those customers to remove any saved payment methods on the account.
January 4
Twitter Data Breach: Twitter user data has been continuously bought and sold on the dark web in 2022, and it seems that 2023 will be no different. According to recent reports, a bank of email addresses from around 200 million Twitter users is currently being sold on the dark web for just $2. Although the bug that led to this leak was fixed in January 2022, the data is still being leaked by various threat actors.
December 2022
December 31
Slack Security Incident: The business communication platform Slack published a statement just before the new year about "suspicious activity" on the company's GitHub account.
"Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also found that the threat actor downloaded private code repositories on December 27," the company said. However, Slack confirmed that "no downloaded repositories contained customer data, means of accessing customer data, or Slack's primary code base."
15th December
Data breach at SevenRooms: Threat actors have posted on a hacking forum details of over 400GB of sensitive data stolen from the CRM platform's servers. The information included files from major restaurant customers, promo codes, payment reports, and API keys. However, it appears that the servers that were breached did not store any customer payment data.
December 1
LastPass Data Breach: Password manager LastPass has informed some customers that their information was accessed during a recent security breach. However, according to LastPass, the intruder did not steal any passwords. This isn't the first time LastPass has been the victim of a breach of its systems this year - someone broke into its development environment in August, but again, no passwords were accessed.
November 2022
November 11
AirAsia Data Breach: AirAsia Group has reportedly suffered a ransomware attack orchestrated by the "Daixin Team". The threat group told DataBreaches.net that it obtained "the personal information of 5 million individual passengers and all employees." This included name, date of birth, country of birth, place and the answer to the "secret question".
November 1
Dropbox Data Breach: Dropbox was the victim of a phishing attack in which 130 GitHub repositories were copied and API credentials were stolen after credentials were unknowingly passed to the attacker via a fake CircleCI login page.
However, Dropbox confirmed in a statement related to the attack that "no one's content, passwords or payment information was accessed" and that the issue was "resolved quickly". Dropbox also said they are in the process of rolling out the "more phishing-resistant form" of the multi-factor authentication technique called "WebAuthn."
October 2022
26th of October
Medibank Data Breach: Medibank Private Ltd, currently the largest health insurance provider in Australia, announced today that data on nearly its entire customer base (nearly 4 million Australians) has been accessed by an unauthorized party. The attack caused Medibank's share price to plummet 14%, its biggest one-day drop since the company went public.
October 18th
Vinomofo Data Breach: Australian wine retailer Vinomofo has confirmed it suffered a cyber attack. The names, dates of birth, addresses, email addresses, phone numbers and gender of the company's nearly 500,000 customers may have been exposed - although it is currently unclear how many have been affected.
October 17
MyDeal Data Breach: 2.2 million customers of Woolworths subsidiary MyDeal, an Australian retail marketplace, have been affected by a data breach. According to reports, the company's CRM system was compromised, with names, email addresses, phone numbers, shipping addresses and some dates of birth exposed during the breach.
October 15
Shein Data Breach: Fashion brand Shein's parent company, Zoetop, was fined $1.9 million for its handling of a data breach in 2018 that exposed the personal information of over 39 million customers who had set up accounts with the clothing brand.
New York prosecutors say Zoetop lied about the scope of the breach, as the company originally said only 6.42 million accounts were affected and did not confirm that credit card information was stolen, when in fact it was.
11 October
Toyota Data Breach: In a statement published on the company's website, the automaker said the email addresses and customer tracking numbers of nearly 300,000 customers who used its T-Connect telematics service had been compromised. The company assured customers that there was no risk of financial data such as credit card information or names or phone numbers being stolen.
In its statement, Toyota acknowledged that the T-Connect database had been compromised since July 2017 and that customers should watch out for phishing emails.
October 10
Singtel Data Breach: Singtel, Optus' parent company, revealed that "the personal information of 129,000 customers and 23 companies" was illegally obtained in a cyberattack two years ago. The disclosed data includes "National Registration Identity Card Information, Name, Date of Birth, Cell Phone Numbers, and Addresses" of data breach victims.
October 7
Possible data breach with Facebook accounts: Meta said it identified more than 400 malicious apps in Android and iOS app stores targeting online users with the aim of stealing their Facebook credentials. "These apps have been listed on the Google Play Store and Apple's App Store and disguised as photo editors, games, VPN services, business apps and other utilities to trick people into downloading them," the tech giant said.
October 3
LAUSD Data Breach: Russian-speaking hacker group Vice Society has leaked 500GB of information from the Los Angeles Unified School District (LAUSD) after the second largest school district in the US failed to pay an unspecified ransom by October 4. The ransomware attack itself first made headlines in early September when the attack disrupted email servers and computer systems under the district's control.
September 2022
September 23
Optus Data Breach: Australian telecoms company Optus - which has 9.7 million subscribers - has suffered a "massive" data breach. According to reports, names, dates of birth, telephone numbers and email addresses may have been disclosed, while a group of customers may also have had their addresses and document details such as driver's license and passport numbers exposed.
It is believed that the attackers are a state-sponsored hacking group or some type of criminal organization and broke through the corporate firewall to get the sensitive information. The Australian Data Protection Commissioner has been notified.
The Australian government has said that Optus should pay for new passports for those who have entrusted their data to Optus, and Prime Minister Anthony Albanese has already hinted that this could lead to "better national laws, after a decade of inaction to address the immense... amount of data to manage collected by companies about Australians - and clear consequences if they don't do it well."
September 20
American Airlines Data Breach: The personal information of a "very small number" of American Airlines customers was obtained by hackers after breaking into employees' email accounts, the airline said. The information accessed could include customers' dates of birth, driver's licenses, passport numbers and even medical information, they added.
September 19
Data breach at Kiwi Farms: The notorious trolling and doxing website Kiwi Farms — known for its malicious harassment campaigns targeting trans and non-binary people — has been hacked. According to site owner Josh Moon, whose administrator account was accessed, all users should "assume your Kiwi Farms password was stolen," "assume your email was leaked," as well as "any IP you used on your Kiwi Farms account last month".
Revolut Data Breach: Revolut suffered a cyber attack that allowed an unauthorized third party to access personal data of tens of thousands of the app's customers. According to reports, 50,150 customers have been affected. The state data protection authority in Lithuania, where Revolut holds a banking license, said email addresses, full names, postal addresses, phone numbers, limited payment card details and bank account details were likely disclosed.
September 18
Rockstar Data Breach: Game company Rockstar, the developer responsible for the Grand Theft Auto series, was the victim of a hack in which the hacker leaked footage of its unreleased Grand Theft Auto VI game. Furthermore, the hacker claims to own the game's source code and is allegedly trying to sell it. The breach is believed to have been caused by social engineering, with the hacker gaining access to an employee's Slack account. The hacker also claims to be responsible for the Uber attack earlier this month.
In a statement, Rockstar said, "We recently suffered a network breach where an unauthorized third party illegally accessed and downloaded confidential information from our systems, including early development material for the next Grand Theft Auto."
September 15
Uber Data Breach: Uber's computer network was broken into, taking several technical and communication systems offline while the company investigates how the hack took place. Described as a "total compromise" by one researcher, emails, cloud storage and code repositories have already been sent by the perpetrator to security firms and the New York Times.
Uber employees found their systems had been breached after the hacker broke into an employee's Slack account and sent messages confirming they had successfully compromised their network.
September 14
Fishpig Data Breach: E-commerce software developer Fishpig, currently used by over 200,000 websites, has informed customers that an attack on a distribution server has allowed attackers to open a number of customer systems through backdoors. "We're used to seeing automated application exploits, and perhaps that's how the attackers originally gained access to our system," said lead developer Ben Tideswell of the incident.
September 7
North Face Data Breach: Roughly 200,000 North Face accounts were compromised in a credential stuffing attack on the company's website. These accounts contained full names, purchase histories, billing addresses, shipping addresses, phone numbers, account holder genders, and XPLR Passport award records. No credit card information is stored on site. All account passwords have been reset and account holders have been advised to change their passwords on other websites where they have used the same login credentials.
September 6
IHG/Holiday Inn Data Breach: IHG released a statement saying they had become aware of "unauthorized access" to their systems. The company is assessing "the nature, magnitude and impact of the incident", with the full extent of the breach yet to be clarified.
September 3
TikTok Data Breach Rumor: Rumors began to circulate that TikTok had been hacked after a Twitter user claimed to have stolen the social media site's internal backend source code. However, after examining the code, a number of security researchers have called the evidence "inconclusive," including Troy Hunt of haveibeenpwned.com. On the other hand, users commenting on YCombinator's Hacker News suggested that the data came from some kind of e-commerce application that integrates with TikTok.
Responding to a query from Bloomberg UK, a TikTok spokesperson said the company's "security team investigated this statement and determined that the code in question was unrelated to TikTok's backend source code."
September 2
Samsung Data Breach: Samsung announced they were the victim of a "cybersecurity incident" when an unauthorized party gained access to their systems in July. In August, they learned that some personal information had been compromised, including names, contact information, demographics, dates of birth, and product registration information. Samsung will contact anyone whose data was compromised during the breach via email.
August 2022
August 29
Nelnet Servicing Data Breach: Personal information of 2.5 million people who took out student loans with the Oklahoma Student Loan Authority (OSLA) and/or EdFinancial was exposed after attackers breached Nelnet Servicing's systems. The systems were compromised in June and the hacker stayed on the network until the end of July.
August 27
Facebook/Cambridge Analytica Data Breach Settlement: Meta on that date agreed to settle a lawsuit alleging that Facebook illegally shared data about its users with British analytics firm Cambridge Analytica. The data was subsequently used by political campaigns in the UK and US in 2016, a year in which Donald Trump became president and Britain voted to leave the EU in a referendum.
August 25
DoorDash Data Breach: "We recently became aware that a third party was the target of a sophisticated phishing campaign and that certain personal information maintained by DoorDash was compromised," DoorDash said in a blog post.
The delivery service further explained that "the information accessed by the unauthorized person primarily contained [the] name, email address, shipping address and phone number" of a number of DoorDash customers, while other customers had their "basic... order information and partial payment card information (i.e. the card type and the last four digits of the card number)" retrieved.
LastPass Breach: The password manager disclosed to its customers that it was compromised by an "unauthorized party". The company assured customers that this took place in its development environment and no customer data was compromised. A September update confirmed that LastPass security measures prevented customer data breaches, and the company reminded customers that it does not have access to or store users' Master Passwords.
August 24
Plex Data Breach: Client-server media-streaming platform Plex is enforcing password resets on all of its user accounts after detecting "suspicious activity" in one of its databases. Reports indicate usernames, emails and encrypted passwords were accessed.
August 20
DESFA Data Breach: Greece's largest natural gas utility confirmed that a ransomware attack caused IT system failure and some files were accessed. However, a quick response from the organization's IT team - including disabling online servers - meant the damage caused by the threat was minimal.
August 10
Cisco Data Breach: Multinational technology conglomerate Cisco confirmed that the Yanluowang ransomware gang had penetrated its corporate network after the group released data stolen during the breach online. Security experts have indicated that the data is not of "great importance or sensitivity" and that threat actors may be looking for credibility instead.
August 4
Twilio Data Breach: Messaging giant Twilio confirmed earlier today that hackers accessed 125 customers' data after tricking company employees into handing over their credentials by posing as IT staff.
July 2022
July 26th
Uber data breach cover-up: Although this data breach actually happened back in 2016 and was first revealed in November 2017, it wasn't until July 2022 that Uber finally admitted that it had covered up an enormous data breach that affected 57 million users, and had even paid the hackers $100,000 just to make sure it didn't get published. In the case, former Uber Chief Security Officer Joe Sullivan is on trial for the breach -- the first instance in which an executive is tried on charges of a data breach.
22nd of July
Twitter Data Breach: The first reports that Twitter had suffered a data breach affecting phone numbers and email addresses attached to 5.4 million accounts began making headlines that day, with the company confirming in August that the breach was indeed genuine. The vulnerability that enabled the breach was known to Twitter at the turn of the year and was patched by January 13, 2022, so the data theft must have happened within that short window of time.
July 19th
Neopets Data Breach: On that day, a hacker with the alias "TarTaX" put up for sale the source code and database for the website of the popular game Neopets on an online forum. The database contained account information for 69 million users, including names, email addresses, zip codes, genders and dates of birth.
July 18th
Cleartrip Data Breach: Travel booking company Cleartrip — which is hugely popular in India and majority-owned by Walmart — confirmed its systems were breached after hackers claimed to have posted its details on an invitation-only dark web forum. The full extent of the data collected by the company's internal servers is unknown.
July 13th
Infinity Rehab and Avamere Health Services Data Breach: The Department of Health has been informed by Infinity Rehab that 183,254 patients have had their personal information stolen. At the same time, Avamere Health Services told HHS that 197,730 patients had suffered a similar fate. The information stolen included names, addresses, driver's license information and more. On August 16, Washington-based MultiCare announced that 18,165 other patients were affected by the same breach.
July 12
Deakin University Data Breach: Australia's Deakin University confirmed that day that it was the target of a successful cyberattack that saw the personal data of 46,980 students stolen, including the latest exam results. Around 10,000 students at the university received fraudulent text messages shortly after the data leak.
5th July
Marriott Data Breach: The hotel group, which is no stranger to data breaches, confirmed its second high-profile data breach in years had taken place in June, after a hacker group tricked an employee and then gained access to a computer. According to databreaches.net, the group claimed to be in possession of 20GB of data stolen from the server at BWI Airport Marriott in Maryland. Marriott would notify 300-400 people of the breach.
June 2022
June 29
OpenSea Data Breach: NFT marketplace OpenSea, which lost $1.7 million of NFTs in February to phishers, suffered a data breach after an employee of Customer.io, the company's email delivery provider, "abused his employee's access to download email addresses provided by OpenSea users and communicate with an unauthorized external party". The company said anyone with an email account shared with OpenSea "should assume they're affected."
June 17
Data Breach at Flagstar Bank: 1.5 million customers were reportedly affected by a data breach that the company first became aware of on June 2, 2022. "We have no evidence that any of the information was misused. Nevertheless, we would like to draw your attention to the incident out of caution," says a letter from Flagstar Bank to affected customers.
14th of June
Baptist Medical Center and Resolute Health Hospital Data Breach: The two healthcare organizations -- based in San Antonio and New Braunfels, respectively -- announced that a data breach had occurred between March 31 and April 24. Data stolen from their systems by an "unauthorized third party" included patients' social security numbers, insurance information, and full names.
June 11
Data breach at Choice Health Insurance: On that day, Choice Health Insurance began notifying customers of a data breach caused by "human error" after realizing that an unauthorized individual was offering to make Choice Health data available online. The data had actually been publicly accessible since May 2022. The data dump consisted of 600MB of data containing 2,141,006 files with labels such as "Agents" and "Contacts".
June 7
Shields Health Care Group Data Breach: In early June, it was reported that Massachusetts-based healthcare company Shields was the victim of a data breach that affected 2,000,000 people across the United States. The breach was first discovered on March 28, 2022 and information such as social security numbers, patient IDs, home addresses and medical treatment information was stolen. Shortly thereafter, a class action lawsuit was filed against the company.
May 2022
May 26
Verizon Data Breach: A threat actor got their hands on a database full of the names, email addresses, and phone numbers of a large number of Verizon employees in this Verizon data breach. Vice/Motherboard confirmed these numbers were legitimate by calling the numbers in the database and confirming that the people who answered currently (or previously) worked at Verizon. According to Vice, the hacker was able to infiltrate the system after convincing an employee to grant him remote access in a social engineering scam.
May 23
Texas Department of Transportation Data Breach: According to databreaches.net, personal records of over 7,000 people had been acquired by someone who had hacked the Texas Department of Transportation.
May 20
Data Breach in Alameda Healthcare System: The Oakland, California-based Alameda Health System notified the Department of Health and Human Services that 90,000 people were hit by a data breach after suspicious activity was detected on some employee email accounts, later revealed to be the work of an unauthorized third party.
May 17
National Registration Authority of Malaysia Data Breach: A group of hackers claimed to own the personal details of 22.5 million Malaysians stolen from myIDENTITI API, a database that allows government agencies like the National Registration Department to access information about Malaysian citizens. The hackers were looking for $10,000 worth of bitcoin for the data.
Costa Rican Government: In one of the most high-profile cyberattacks of the year, the Costa Rican government, which was forced to declare a state of emergency, was hacked by the Conti ransomware gang. Conti members broke into government systems, stole extremely valuable data and demanded a $20 million payment to prevent a leak. 90% of this data - around 670GB of data - was posted on May 20th on a leak site.
May 7
SuperVPN, GeckoVPN, and ChatVPN Data Breach: A breach involving a number of widely used VPN companies led to 21 million users having their information leaked on the dark web. The information available included full names, usernames, country names, billing details, email addresses, and randomly generated passwords. Unfortunately, this isn't the first time VPNs, which claim to improve privacy, have made headlines for a data breach.
April 2022
April 4
Cash App Data Breach: A data breach in Cash App that affected 8.2 million customers was confirmed by parent company Block through a report to the US Securities and Exchange Commission on April 4, 2022. The breach had actually occurred as early as December 2021, with customer names and brokerage account numbers among the information extracted.
Emma Sleep Data Breach: First reported on April 4, customers' credit card information was skimmed in a "Magecart attack." "This was a sophisticated, targeted cyber attack on the checkout process on our website and personal information entered, including credit card details, may have been stolen," an email to customers said.
March 2022
March 30
Apple and Meta Data Breach: According to Bloomberg, in late March two of the world's largest tech companies were caught out by hackers posing as law enforcement officials. Apple and Meta provided attackers with customer addresses, phone numbers, and IP addresses in mid-2021. The hackers had already gained access to police systems to send fraudulent requests for the data. Some of the hackers were thought to be members of the Lapsus$ hacking group, which reportedly leaked Samsung's Galaxy source code earlier this month.
26th of March
US Department of Education Data Breach: It emerged that 820,000 students in New York had their data stolen in January 2022, with demographics, academic information and economic profiles accessed. Chancellor David Banks blamed the software company Illuminate Education for the incident.
March 24th
Texas Department of Insurance Data Leak: On March 24, the state authority confirmed that it had become aware of a "data security incident" in January 2022 that had lasted for around three years. "Types of information that may have been accessible," the TDI said in a statement in March, included "names, addresses, dates of birth, phone numbers, part or all of Social Security numbers, and information about workers' injuries and compensation claims." 1.8 million Texans are said to have been affected.
March 18th
Morgan Stanley Customer Data Breach: US investment bank Morgan Stanley announced that the accounts of a number of clients were breached in a vishing (voice phishing) attack in February 2022, in which the attacker claimed to be an agent of the bank to breach accounts and to initiate payments to their own account. However, this was not the fault of Morgan Stanley, who confirmed that its systems "remained secure".
February 2022
February 25th
Nvidia Data Breach: Chipmaker Nvidia confirmed in late February that it was investigating a possible cyberattack, which was later confirmed in early March. The breach leaked information on more than 71,000 employees. Hacker group Lapsus$ claimed responsibility for hacking into Nvidia's systems.
February 20
Credit Suisse Data Leak: Although technically a "data leak," it was orchestrated by a whistleblower against the company's wishes and is one of the most significant disclosures of customer data this year. Information regarding 18,000 Credit Suisse accounts was given to Germany's Süddeutsche Zeitung and showed that the Swiss company had a number of high-profile criminals on its books. The incident triggered a new conversation about the immorality of Swiss banking secrecy.
January 2022
20 January
Crypto.com Data Breach: On January 20, 2022, Crypto.com made headlines after a data breach led to funds being withdrawn from 483 accounts. Around $30 million is believed to have been stolen, although Crypto.com initially said no customer funds were lost.
19 January
Red Cross Data Breach: In January it was reported that the data of more than 515,000 "extremely vulnerable" people, some fleeing war zones, had been seized by hackers in a complex cyber attack. Data was collected from at least 60 Red Cross and Red Crescent Societies around the world through a third party company that the organization uses to store data.
6 January
Flexbooker Data Breach: On January 6, 2022, data breach tracking website HaveIBeenPwned.com revealed on Twitter that 3.7 million accounts had been breached the month before. Flexbooker only confirmed that customer names, phone numbers and addresses were stolen, but HaveIBeenPwned.com said "partial credit card details" were also included. Interestingly, 69% of the accounts were already in the site's database, presumably due to previous breaches.
Data breaches vs. data leaks vs. cyberattacks
This article is primarily about data breaches. A data breach occurs when a threat actor penetrates (or breaches) the system of a company, organization, or business and intentionally steals sensitive, private, and/or personally identifiable data from that system. When this happens, companies are sometimes forced to pay ransoms or their information is stolen and published online. According to one estimate, 5.9 billion accounts fell victim to data breaches last year.
This differs from a data leak, which is when sensitive data is unknowingly made available to the public or members of the public, as in the Texas Department of Insurance leak mentioned above. The term "data leak" is often used to describe data that could theoretically be accessed by people who shouldn't have access to it, or data that got into the hands of people in a non-malicious way. A government employee accidentally sending someone an email containing sensitive information is usually labeled a leak rather than a breach.
Although all data breaches fall under the umbrella of "cyberattacks", cyberattacks are not limited to data breaches. Some cyberattacks have different motives, such as slowing down a website or service or causing some other disruption. Not all cyberattacks result in data exfiltration, but many do.
How can I protect my company from cyber attacks?
Taking steps to protect your business from cyberattacks that result in financially fatal data breaches is one of the most important things you can do. However, it's not just businesses that are at risk - schools and colleges are among the organizations most commonly affected, and they can suffer huge financial losses.
Some companies and organizations, like Lincoln College, had to be shut down due to the consequential costs of a cyber attack. There has never been a greater obligation for businesses, universities and other types of organizations to protect themselves.
Unauthorized access to networks is often facilitated by weak business account credentials. So, while passwords are still in use, the best thing you can do is get a password manager for you and the rest of your staff. This allows you to create strong passwords that are long enough and different for each account you have. However, you must use additional security measures such as 2-factor authentication wherever possible to create a second line of defense.
You also need to ensure your employees are adequately trained to spot suspicious emails and phishing campaigns. 70% of cyberattacks target business email accounts, so having people who can identify threats when they appear is just as important as any software.