The 5 Biggest Data Breaches of 2022
The landscape of data breaches is constantly evolving, and no industry is immune. In 2022, some of the biggest data breaches impacted rideshare companies, non-profits, and even crypto traders with private information leaked online by hackers. As more businesses rely on technology to stay competitive in their industry, the more they struggle to keep their internal systems safe and secure.
In fact, previous studies show that small business owners have a false sense of assurance regarding staying protected against online threats. In today's high-stakes digital climate, brokers and agents can assist business owners by highlighting recent data breaches, informing them about cyber risk mitigation practices, and alerting them to how cyber insurance can protect them.
We have done some research for you and are providing an overview of the five biggest data breaches from this year.
The Largest Data Breaches of 2022
The year did not get off to a good start for Cyrpto.com when they were notified of a hack in January 2022 that cost them millions. The hackers made off with $18 million in bitcoin, $15 million in Ethereum, and sums of other cryptocurrencies. The loss affected 483 accounts.
The hackers accessed users’ wallets after figuring out a way to bypass the two-factor authentication system. While the company initially attempted to minimize the Crypto.com data breach, the company was forced to use its own reserve funds to reimburse affected customers. Furthermore, they audited their systems and made security improvements to prevent a subsequent breach.
The crypto.com hack is a reminder that cybersecurity is an ongoing concern, not a one-time event. Small businesses need to be constantly vigilant against potential threats, and should regularly review their security protocols. Additionally, small businesses should consider investing in cyber insurance, which can help cover the customer reimbursement costs of a breach.
2. Cash App
Cash App, a mobile payment system app that Block owns, was compromised in an early 2022 data breach. A U.S. Securities and Exchange Commission report showed that a former employee downloaded information that contained the personal information of Cash App Investing users.
No Social Security numbers, bank account numbers, passwords, or usernames were leaked on the main Cash App platform. However, it did impact users with stock activity accounts. Over eight million of Cash App’s customers were affected by the breach.
Block took quick action following the breach by notifying current and former customers of the breach and sharing resources with them to protect their data.
The Cashapp data breach is a silent reminder of the importance of data security for small businesses. While the incident affected only a small number of users, it highlights the potentially devastating consequences of a data breach. Small businesses must ensure that their servers are properly protected and that their employees are trained in data security best practices.
3. Ronin Network
What makes cryptocurrency and investing so unique is that traditional banks are not involved in the process. As a result, crypto firms do not offer the same level of security that traditional financial systems have, making users vulnerable.
In April 2022, Ronin was another cryptocurrency company that fell victim to a hack. Thieves made off with $615 million in cryptocurrency. The Ronin data breach is considered the second biggest crypto hack ever. The company eventually reimbursed users for their loss. While the Ronin Network breach is still under investigation, it is believed that hackers gained access to the company's systems through a phishing email.
This incident highlights the importance of data security for small businesses, which are increasingly reliant on digital tools and services. It’s important all small businesses do their due diligence to educate their employees on the dangers associated with phishing emails. By taking these precautions, small businesses can help to protect their customers' information and avoid the costly repercussions of a data breach.
4. Red Cross
While it is hard to believe that hackers would target an international organization that does so much good worldwide, a Red Cross data breach occurred in January 2022. Hackers stole the data of 515,000 of the most vulnerable individuals the Red Cross was trying to help.
In response to the hacking, The Red Cross made a massive effort to inform affected individuals and families via phone, mail, and public announcements. They also went as far as to send teams to remote areas to inform people in person.
Although the Red Cross is a large organization with many resources, it was not immune to a data breach. Small businesses often think that they are too small to be hacked, but this is not the case. Hackers target businesses of all sizes, and small businesses are often seen as easy targets.
The Red Cross data breach is a reminder that all businesses, no matter the size, need to take steps to protect their data. This includes investing in security software and employee training, as well as developing an incident response plan.
The most recent major data breach involved Uber, the popular rideshare company. The Uber data breach occurred in September 2022 resulting in millions of stolen data. An 18-year-old hacker was arrested in London after publicly claiming responsibility for the attack. Uber has since disclosed they believe the cybercrime group LAPSUS$ initiated the attack.
Uber quickly notified law enforcement, secured their systems, and continues working with several digital forensics teams to bolster their systems. The impact of this breach is unknown at this time as the investigation is ongoing.
One of the most important lessons to take away from the Uber breach is the importance of encrypting data. Uber stored its customers' personal information in unencrypted databases, making it an easy target for hackers. If small businesses want to protect their customers' data, they need to make sure that it is properly encrypted with strict access controls in place to prevent unauthorized individuals from accessing sensitive data.
What Small Businesses Should Take Away From The 5 Biggest Data Breaches of 2022
Though large data breaches make headlines, small businesses are just as likely to be attacked by cybercriminals. In fact, according to a report from Verizon, 58% of data breaches in past years involved businesses with less than 250 employees. Even more alarmingly, small businesses are the number one target for cyber attacks.
Given the current cyber climate, it’s important for all small businesses to be vigilant in protecting their data. This includes ensuring that all employees are trained in cybersecurity best practices and that the latest security technologies are in place.
Furthermore, small businesses should have a plan in place for how to respond in the event of a breach. This plan should include steps for notifying customers and preserving evidence that can be used by law enforcement. By taking these precautions, small businesses can help to mitigate the risks posed by data breaches.
The Importance of Educating Clients on Data Breaches & Cyber Threats
Small businesses can learn a lot from these massive data breaches. Although these companies had different security protocols in place, they all made one critical mistake: Underestimating their need for additional cyber protection.
The frequency and magnitude of cyber insurance claims will likely cause cyber insurance premiums to increase in the coming year. Brokers and agents can expect clients to contact them, asking for quotes and ways to keep their premiums reasonable.
Brokers and agents who can speak intelligently about data breaches will be able to help educate their clients about how best to secure their cybersecurity infrastructure.
Contact Relay to learn more about educating clients about data breaches and giving them valuable cyber risk mitigation resources.