For 12 years in a row, the US holds the first spot for the highest cost of a data breach, which currently stands at $9.44 million, twice the global average.
From major corporations to small businesses, no one is safe from the reach of cybercriminals, with healthcare getting hit the hardest. And with the COVID-19 pandemic, geopolitical unrest, and economic instability only exacerbating the problem, 2022 has had its fair share of cyber attacks. Here are just a few of the major cyber attacks news today 2022:
The Lapsus$ Group has been on a tear lately, successfully extorting millions of dollars from some of the world’s largest companies by stealing their data and then threatening to release it publicly unless they’re paid off. The group has hit companies in a wide range of industries, including healthcare, technology, manufacturing, and retail.
Some affected companies include Samsung, Nvidia, and Ubisoft. In many cases, the group has been able to successfully steal sensitive data, such as customer records and financial information, largely through phishing attacks, without being detected. In March, the group breached and leaked source code associated with Cortana, and the British police managed to arrest about seven people that may be associated with the group.
The Chile Consumer Protection Agency was hit by a ransomware attack starting on August 25th, 2022. In September, thousands of emails were hacked from the Chilean military and published on the internet. The judicial system attributed the spread of the attack to a phishing email containing the Cryptolocker Trojan.
The attack affected Windows 7 computers and breached about 1% of the court’s computers. According to Angela Vivanco, the Supreme Court spokeswoman, no data was stolen, and the attack was minor. Using the Windows 7 computers played a huge part in the attack, given that Microsoft no longer offers any updates and support for the system.
In April, Ronin, an NFT and crypto company, experienced a data breach that set the company back a whopping $540 million. The cyber attack was so bad that Binance had to come to the rescue and save the company. The hackers breached the platforms and stole the funds on March 23rd. The majority of the funds were owned by customers who won most of it from playing the Axie Infinity game.
Binance injected about $150 million into the company to ensure that customers got back what they lost from the breach. The company took almost a whole week to notice the hack, at which point the value of the coins had escalated to about $615 million. This is the second largest cryptocurrency heist ever recorded.
In January 2022, the popular cryptocurrency exchange, Crypto.com was hacked to the tune of $30 million. The funds were stolen from customer wallets belonging to some 430 users. Initially, Crypto.com downplayed the hack by calling it an incident but then announced that the hackers got away with 443.93 BTC, which would convert to $18 million, and 4,836.26 ETH, which was equivalent to $15 million.
The breach also included other currencies that amounted to $66,200. Crypto-com detected the hack when hackers started making transactions without using the 2FA and immediately suspended withdrawals and forced their customers to log in again in order to set up the 2FA authentication. According to the company, customers were reimbursed fully.
In March of 2022, hackers breached the Shields Health Care Group and exposed data belonging to some 2 million people in the US. This Massachusetts medical service provider deals in ambulatory surgical services, radiation oncology, and MRI/CT imaging.
The hackers had access between March 7th to March 21st, a long enough time to access sensitive patient data such as full names, social security numbers, billing information, medical record number, insurance information, and much more. This is very valuable information, and hackers can use it for a plethora of things, including extortion, phishing, scamming, and social engineering.
Given that Shields Health Care Group partners with numerous hospitals, the consequences of the breach are said to have impacted about 56 health facilities, some of which may include Winchester Hospital, Central Maine Medical Center, and Tufts Medical Center.
Block, a Fintech company, confirmed a breach that affected a massive 8 million people. The breach involved one of the employees who downloaded some reports from the Cash App. The employee had initial access while working for the company but breached the information after termination without permission. According to Block, the information did not include personal information such as passwords, payment card information, or social security numbers.
In May, GM Motors experienced a major hack that exposed sensitive information belonging to car owners. This included phone numbers, addresses, names, car maintenance history, and mileage.
The company revealed the breach on May 16th and explained that the breach affected an undisclosed number of online users in April. Additionally, further investigation revealed that the hackers also stole customer reward points that were later redeemed for gift cards.
Plex is one of the largest streaming apps on the internet, with about 30 million registered customers. This app allows users to stream live television and movies and allows users to access their own videos, photos, and audio on the platform.
Both streaming and personal media were affected, but the company did not disclose how many of those users were affected. However, they did admit that the majority of accounts were affected and went ahead to ask users to reset their passwords.
The Red Cross and Red Crescent Movement experienced a breach in January. Hackers attacked servers with the personal information of over half a million people. The hackers accessed information that reconnected people separated by violence, war, or migration. To curb the damage, Red Cross took their servers offline.
In August, hackers took over the social media accounts of United Conservative Party leadership candidate Leela Aheer and posted graphic images. The images consisted of child nudity and sexual exploitation and were only up for a few minutes before being taken down.
It’s unclear how the hackers got access to her accounts, but Leela Aher said she would not be backing down from her campaigns. The UCP released a statement saying they do not condone the actions of the hackers and will be working with Leela Aheer to ensure her safety.
These are some of the major cyber-attacks that have occurred this year. As you can see, no one is safe from hackers, not even large companies with sophisticated security systems. It is important to always be vigilant and take steps to protect yourself online. As a business, make sure you have a robust security system in place and that your employees are trained on cybersecurity best practices.
And finally, if you are a consumer, make sure you are using strong passwords and unique email addresses for different accounts. Cybersecurity is a team effort, and we all need to do our part to stay safe online.