The worst hacks and breaches of 2022 so far

Even the first one Six Months of 2022 The first half of this complicated year saw massive hacks, data breaches, digital scams and ransomware attacks continue apace. With the worldwide Covid-19 pandemic, economic instability, geopolitical unrest and bitter human rights disputes, cyber security vulnerabilities and digital attacks have proven to be deeply embedded in all aspects of life.

With six months left in the year, there is still more to come. Here are the biggest digital security failures of all time.

For years, Russia has conducted aggressive and reckless digital attacks against Ukraine, causing blackouts, attempting to distort elections, stealing data, and releasing destructive malware to wreak havoc across the country and the world. After invading Ukraine in February, the digital dynamic between the two countries has changed as Russia struggles to support a massive and costly kinetic war, and Ukraine is ramping up resistance on every front it can think of. This means that Russia continues to hurt Ukrainian Institutions And Infrastructure with cyberattacks, Ukraine is also being hacked with surprising success. Ukraine formed a volunteer “IT army” at the start of the war, focused on disrupting DDoS attacks and hacks against Russian organizations and services to make as much confusion as possible. Hacktivists around the world have also turned their attention—and digital firepower—toward the controversy. And with Ukraine launching other types of hacks against Russia, including attacks using custom malware, Russia has experienced unprecedented levels of data breaches and service disruptions.

Digital extortion gang Lapsus$ went on a serious hacking bender in the first months of 2022. The group emerged in December and began stealing source code and other valuable data from prominent and sensitive companies such as Nvidia, Samsung and Ubisoft before leaking. This is in clear extortion attempts. The spree peaked in March when the group announced that it had breached and leaked parts of Microsoft’s Bing and Cortana source code and compromised a contractor with access to the internal systems of ubiquitous authentication service Okta. Attackers based in the United Kingdom and South America have relied heavily on phishing attacks to gain access to targets’ systems. In late March, British police arrested seven people believed to have links to the group, and two were charged in early April. Lapsus $ seemed to remain active briefly after the arrests, but then went dormant.

In one of the most disruptive ransomware attacks to date, Russia-linked cybercrime gang Conti brought Costa Rica to a screeching halt in April—and disruptions would continue for months. The group’s attack on the country’s finance ministry paralyzed Costa Rica’s import/export businesses, costing tens of millions of dollars a day. The attack was so serious that Costa Rica’s president declared a “state of national emergency”—the first country to do so because of a ransomware attack—and one security expert described Conti’s campaign as “unprecedented.” A second attack in late May, which was attributed to Conti-linked HIVE ransomware, targeted the Costa Rican Social Security Fund and caused widespread disruptions to the country’s healthcare system. While Conti’s attack on Costa Rica was historic, some believe it was a diversion as the gang tried to rebrand itself to avoid sanctions against Russia over its war with Ukraine.

As the cryptocurrency ecosystem has evolved, the tools and utilities to store, convert and manage it have evolved at breakneck speed. However, such rapid expansion has come with its share of oversights and missteps. And cybercriminals are eager to exploit these mistakes, often stealing tens or hundreds of millions of dollars worth of cryptocurrency. For example, in late March, North Korea’s Lazarus Group stole $540 million worth of Ethereum and USDC stablecoins from the then-popular Ronin Blockchain “Bridge.” Meanwhile, in February, the attack The wormhole exploited a flaw in the bridge To catch the Ethereum variant of the wormhole worth about $321 million. And in April, Attackers are targeted The stablecoin protocol Beanstalk granted a “flash loan” to steal about $182 million worth of cryptocurrency at the time.

Healthcare providers and hospitals have long been favorite targets of ransomware actors, who look to create maximum urgency to entice victims to pay in hopes of recovering their digital systems. Healthcare data breaches continued in 2022 as criminals pooled data that could be monetized through identity theft and other forms of financial fraud. In June, Massachusetts-based service provider Shields Health Care Group disclosed this. Data breached Most of March affected nearly 2 million people in the United States. The stolen data included medical information such as names, social security numbers, dates of birth, addresses and billing information, as well as diagnoses and medical record indexes. In Texas, patients at Baptist Health System and Resolute Health Hospital declared a similar violation June disclosed similar data, including Social Security numbers and sensitive patient medical information. Both Kaiser Permanente and Yuma Regional Medical Center in Arizona Revealed data breaches In the month of June.

In early June, the US Cybersecurity and Infrastructure Security Agency warned that Chinese government-backed hackers had breached several sensitive victims around the world, including “major telecommunications companies.” According to CISA, they did so by targeting known router vulnerabilities and bugs in other network equipment, including those made by Cisco and Fortinet, among other vendors. The warning did not identify specific victims, but it did signal a warning over the findings and the need for organizations to step up their digital defenses, especially when handling large amounts of sensitive user data. “The advisory describes the mission and compromise of major telecommunications companies and network service providers,” CISA wrote. “Over the past several years, a series of high-severity vulnerabilities for network devices have given cyber actors the ability to regularly exploit and gain access to vulnerable infrastructure devices. Additionally, these devices are often overlooked.

Separately, hackers are conducting Chinese espionage violated News Corp On January 20, the company discovered an intrusion. As part of the breach the attackers accessed journalists’ emails and other documents. There are several high-profile news outlets, including News Corp The Wall Street Journal And its parent, Dow Jones, the The New York Postand several publications in Australia.

The incident took effect just days after the US Supreme Court ruled in late June that an unrelated data breach exposed the information of everyone who applied for a concealed carry permit in California between 2011 and 2021. Data including names, ages, addresses and license types. The breach occurred after a misconfiguration in the California Department of Justice’s 2022 Firearms Dashboard portal exposed data that should not have been publicly accessible. “This unauthorized release of personal information is unacceptable and falls far below my expectations for this department,” state Attorney General Rob Bonta said in a statement. “The California Department of Justice is tasked with protecting the citizens of California and their data. We acknowledge the stress this has placed on individuals whose information has been exposed. I am deeply upset and angry.”

Leave a Reply