The Top 5 Data Breaches of 2022

Data breaches continue to cause headaches for organizations and their security teams worldwide. In just the third quarter of 2022, a total of 108.9 million records were breached, a worrying 70% increase compared to Q2 2022.

Here are the top 5 data breaches that made headlines in 2022.

1. Crypto.com

When: January 2022

The story: In January 2022, hackers targeted the cryptocurrency wallets of 483 Crypto.com customers and successfully stole $16 million worth of Bitcoin, $13 million worth of Ethereum, and $66,200 worth of other currencies. The company initially dismissed the attack as an “incident” and said that “no customer funds were lost.”

Following further investigations, they admitted that customers had lost millions in the breach. The incident shows that cryptocurrency theft is a real risk and highlights the importance of encrypting sensitive data to protect users.

Why it was a big deal: The hack resulted in the theft of over $30 million in cryptocurrencies.

Lesson learned: It’s vital to encrypt sensitive data, especially when its theft could result in significant financial losses.

2. FlexBooker

When: January and March 2022

The story: The breach of FlexBooker, a digital scheduling platform, affected over 3.7 million users. The attacker group “Uawrongteam” stole customer names, photos, email addresses, driver’s license details, and phone numbers and then put the data up for sale on underground hacker forums. They also installed malware on FlexBooker’s servers, which allowed them to gain full control over the company’s systems.

After the January incident, a cybersecurity firm discovered an additional breach that could expose the sensitive personal data of up to 19 million people. In both cases, the affected customers are vulnerable to identity theft and fraud.

Why it was a big deal: The sensitive personal data of 3.7 million users were exposed and put up for sale on hacker forums.

Lesson learned: Companies that collect sensitive personal information from customers must implement controls to protect this information.

3. Twitter

When: July 2022

The story: A hacker successfully breached Twitter via a zero-day API vulnerability to compile data about 5.4 million users, including usernames, login names, and profile verification status and date. They then offered the database for sale at $30,000 in July and for free in November on a hacking forum called BreachForums.

Although it was initially believed that the stolen data contained only publicly known (and thus not particularly sensitive) data, multiple researchers later found that many users' private information from multiple countries was also stolen. This finding raises concerns about whether the security controls implemented by social media sites can protect users’ identities.

Why it was a big deal: Hackers stole the data of 5.4 million users and posted it on a hacking forum.

Lesson learned: Social media sites are prime targets for hackers, and users should be careful about what they share on these public forums.

4. Uber

When: September 2022

The story: In mid-September 2022, Uber was breached after a hacker broke into an employee’s Slack account. The attacker, "Tea Pot", was affiliated with the Lapsus$ hacking group that had breached Microsoft and Samsung earlier in 2022.

Tea Pot took advantage of hardcoded credentials for a domain admin account to hijack many internal tools used at Uber. Hardcoded credentials (secrets) inside code and scripts were also involved in two other breaches at Uber in 2014 and 2016. All three incidents show why hardcoding credentials can be such a costly mistake for organizations.

Why it was a big deal: Hackers bypassed Uber’s MFA and perpetrated an organization-wide breach.

Lesson learned: Hard-coding credentials gives attackers huge amounts of privilege and creates a single point of failure that can be difficult to recover from.

5. SevenRooms

When: December 2022

The story: The breach of SevenRooms, a CRM platform for hospitality businesses, resulted in the theft of massive amounts of customer data. The database, weighing 427GB, contained information like promo codes, payment reports, API keys, and reservation lists.

A third-party vendor file transfer interface was at the root of the breach. Although the stolen data did not include sensitive information like social security or credit card numbers, the hack has still spooked SevenRooms’ customers and clients, many of whom may be wondering if next time they will lose actual sensitive information to malicious adversaries.

Why it was a big deal: The theft of sensitive customer data could create future problems for many hospitality businesses.

Lesson learned: A secure CRM system is vital for customer-facing businesses to secure customer/client data.

How Packetlabs Can Help Protect Your Organisation and Customers from Data Breaches

At Packetlabs, we understand the importance of keeping your data safe and secure. Our experts can provide your organization with expert-level penetration testing services to identify vulnerabilities before they can be exploited.

We offer several services to help strengthen your security posture, including infrastructure penetration testing, web and mobile application testing, ransomware penetration testing, cloud penetration testing, social engineering, red team exercises, source-code reviews, exploit development and more. 

Our slogan, "Penetration Testing beyond the checkbox", illustrates our commitment to the industry to provide expert-level penetration testing. Our consultants think outside of the box, find weaknesses others overlook, and continuously learn new ways to evade controls in modern networks.
