Learning from the Biggest Recent Data Breaches of 2022 and 2023

Data breaches are every business’s worst fear, causing disruptions, financial losses, trust erosion, and potentially even business closure. Large breaches can impact millions globally. Contrary to popular belief, data breaches in 2022 and 2023 aren’t exclusive to large corporations. According to one study, 61% of small and medium-sized businesses were hit by a successful cyberattack in the last twelve months. It’s just that these hacks and breaches weren’t significant enough to hit the headlines. So, what are the recent data breaches you should be aware of, and what lessons can businesses of all sizes take from them?

How Data Breaches Affect Companies

Data breaches move fast and hit hard, with 93% of successful attacks taking less than a minute. The problem with online security breaches is that they often go unnoticed for extended periods. According to San Francisco State University, it takes an average of 287 days to identify a breach and 80 days to contain it. With this much time to play with, it’s easy to see how a relatively small attack could result in a massive data breach. However long it takes to pull off an attack, it’s left to your business to pick up the pieces, so let’s examine the cost of data breaches for companies today.

  • Regulatory Fines – The immediate cost is regulatory fines for data leaks. For example, a breach of the General Data Protection Regulation (GDPR) in Europe can result in fines of up to 20 million Euros or 4% of your company’s global turnover, whichever is higher.
  • Downtime and Disruption – Severe breaches can result in downtime for you and your customers, meaning you cannot serve them. Depending on your size and industry, the cost can range from hundreds of dollars per minute to thousands.
  • Investigation and Security Costs – Locating a breach is just the first step. Cyber investigations and containment can cost thousands of dollars, not to mention the immense cost of patching and upgrading your cybersecurity infrastructure.
  • Loss of Trust – Your customers trust you with their data. Break that trust, and your customers may never return. According to a survey, 40% of consumers said they would never use a brand again. Worse, another 40% said they’d actively go to a business’s competitors.
  • Loss of Intellectual Property – Companies in specific sectors, such as finance, legal, and engineering, often lose access to sensitive and valuable data, including trade secrets and pieces of intellectual property. These things make your business what it is, so losing them can permanently dull your competitive edge.

Whether it’s a high-profile breach or not, all major data breaches entail various consequences. Even minor cybersecurity breaches can be costly for your business, so it’s crucial to invest in, monitor, and regularly upgrade your defenses.

Here are the 10 Largest Data Breaches of 2022 and 2023

Recent data breaches are more impactful than ever. Every year seems to be a record year, and the same goes for data breaches in the last two years. In 2022 alone, 422 million individuals were affected by recent security breaches. And if you’re wondering why this is more than the population of the U.S., it’s because some individuals were hit multiple times. So, in no particular order, what are the recent data breaches in 2022 and 2023 to be aware of, and what can we learn from companies with data breaches?

| Company | Date | Number of People Affected |
|---|---|---|
| T-Mobile | May 2023 | Over 37 million |
| MCNA Dental | March 2023 | Nine million |
| PharMerica | March 2023 | 5.8 million |
| Activision | February 2023 | Unknown |
| Microsoft | June 2023 | Less than 1,000 |
| Twitter | January 2023 | 235 million |
| Neopets | September 2022 | 69 million |
| Optus | September 2022 | 9.8 million |
| Medibank | November 2022 | 9.7 million |
| WhatsApp | 2022 | 500 million |

1. T-Mobile (January 2023)

Once again, T-Mobile fell victim to another data breach. This is the mobile giant’s ninth data breach since 2018 and only the second this year. Although May saw the exposure of details belonging to 800 customers, the earlier January breach was massive. The personal information of over 37 million customers was stolen after hackers gained access to their systems in November 2022.

Luckily, once detected, T-Mobile managed to track and contain the source within 24 hours. T-Mobile claims that this data breach will likely cost them more than the $350 million they paid out to customers resulting from an August 2021 breach. So, these breaches have cost hundreds of millions of dollars and customer trust.

2. Managed Care of North America (MCNA) Dental (March 2023)

MCNA Dental is one of the largest oral health insurance and dental care providers sponsored by government programs like CHIP and Medicaid. In March 2023, they reported a ransomware attack that successfully stole the personal information of nearly nine million patients. Although they claim that they’ve enhanced the security of their systems and offered free credit monitoring and identity theft protection from IDX, this is unlikely to stop the damage.

The LockBit ransomware gang claimed credit and demanded $10 million to return the information. No payment was made, and in April 2023 all the data was published on their website, where it was made available to the public as a free download.

3. PharMerica (March 2023)

PharMerica is a U.S. pharmacy giant, making it a natural target for hackers. In March 2023, they reported that 5.8 million people could have fallen victim to a security incident. As one of the latest data breaches, the fallout remains ongoing, but the problem is that personal and medical information was disseminated via the ransomware gang Money Message.

The gang published part of the stolen data on their leak site. To PharMerica’s credit, they moved quickly and discovered the incident within 48 hours, but it took another week to identify which information had been accessed. Another issue is that significant amounts of the information came from Americans who had passed away, making identity theft a problem due to the lack of ongoing monitoring of things like credit reports.

4. Activision (February 2023)

Video game giant and the company behind the Call of Duty franchise, Activision, confirmed in February 2023 that they had sustained a data breach in December 2022. The hacker gained access to employee data through an SMS phishing attack against one of their HR employees. Although Activision claimed they addressed the attack quickly, they offered no further details.

However, a security research group investigated the incident and found that the hacker had accessed employee data and the company’s entire 2023 release schedule. Currently, Activision has revealed nothing about how many were affected, but the investment in an independent research group likely indicates this could be one of the biggest data breaches of 2023.

5. Microsoft (June 2023)

The significance of the biggest data breaches can be measured in more than the number of people affected. In June 2023, cloud security firm Wiz reported that a Microsoft employee had accidentally shared more than 38 TB of data. The original leak occurred in July 2020, while the employee was working on open-source AI learning models. The employee in question shared the URL for an Azure Blob storage bucket that had been misconfigured.

Besides information on the open-source models, the Wiz Research Team discovered that 38 TB of private data was shared, including passwords for different Microsoft services, secret keys, and Teams messages. Luckily, Microsoft confirmed no customer data was exposed. However, this could have a dramatic and lasting impact on Microsoft’s further development as a company in the age of AI.

6. Twitter (January 2023)

Twitter is no stranger to data breaches after a huge one in 2018. Following Elon Musk’s takeover, Twitter rang in 2023 with the reveal from the Washington Post that 235 million Twitter account emails had been shared in an online hacking forum. At first glance, it appears more irritating than anything genuinely malicious. Few people will have any sensitive personal details on Twitter.

But the issue is that malicious actors could use these emails to uncover people who post anonymously on Twitter, such as those who voice their dissent in authoritarian countries. It’s believed that these account emails were scraped sometime in late 2021, but Twitter did identify and fix the exploit in January 2022. Unfortunately, of the 235 million emails, 211 million were unique. In this case, the best option is to either close the email account or enable multi-factor authentication and remain alert for any potential attacks in the future.

7. Neopets (September 2022)

In September 2022, the virtual pets website Neopets released details about one of the most recent data breaches that exposed the personal information of more than 69 million players. It was found that attackers were present within Neopets’ IT systems from January 2021 until July 2022. Stunningly, Neopets only identified the attack when they found a hacker offering to sell the database for four Bitcoins.

If you were included in the breach, your password, username, real name, and email address are part of the information stolen. Neopets has reset all passwords, enhanced its network monitoring, improved its authentication schemes, and is working on implementing multi-factor authentication into its accounts.

8. Optus (September 2022)

Optus is Australia’s third-largest telecoms company, and its breach remains one of Australia’s biggest data breaches of recent times. Cybercriminals accessed the company’s internal network, allowing them to access a database containing the information of 9.8 million customers. Not only were names, birth dates, and email addresses revealed, but also street addresses, driver’s license numbers, and passport details.

Optus claims it was a complicated attack, but an insider and the Australian government claimed it was due to a human error leading to a vulnerability in the company’s AI. An initial $1.5 million AUD ransom was demanded, but the cybercriminals backed down after a few hours and apologized. In this case, the data breach had a happy ending, which is far from the norm.

9. Medibank (November 2022)

Medibank is one of Australia’s largest health insurance providers, offering policies under Medibank, ahm, and Amplar Health. It also offers travel insurance, pet insurance, and life insurance. In November 2022, the personal details of 9.7 million people were stolen as part of a 200 GB cache obtained through gaining access to the company’s internal systems. The cybercriminal managed to gain access through stolen corporate credentials purchased on the dark web.

Once inside, the hacker deployed a script to automate the data theft, enabling them to move quickly before Medibank could respond. The data was leaked in several installments after Medibank refused to pay a $10 million ransom. The hacker was believed to be connected to the REvil ransomware gang in Russia. Unfortunately, since so many cyberattackers are located in nations like Russia, it’s usually impossible to trace and take legal action against them.

10. WhatsApp (2022)

In 2022, it emerged that nearly 500 million WhatsApp numbers may have been stolen in an attack. On a well-known hacking forum, a user announced they were selling a 2022 database of 487 million mobile numbers. Allegedly, the numbers came from 84 countries, including 32 million U.S. users.

After a further investigation by independent news sites, it was found the numbers were, in fact, likely to be from WhatsApp. On the other hand, WhatsApp parent company Meta claimed they were nothing more than recycled numbers from an older 2019 Facebook leak.

Since then, they haven’t commented on how the hack happened or whether it’s genuine. When approached, the seller of the data remained coy as to which methods he used to obtain it.

There’s a good chance that it could be data scraped from another data breach, as some of these are, but you can’t afford to take chances when it comes to breaches of this scale. Still, while numbers alone cannot be used for identity theft, they could result in users becoming targets for phishing scams or being connected to data from other recent data breaches. Either way, your privacy could be at risk.

Why Backing Up Your Data is Important in 2024

Taking extra steps to protect your data is crucial whether you’re a small business or a multinational corporation. Many of the above breaches demonstrate that companies are making significant missteps when fulfilling their data protection obligations. That brings us to the issue of data backups. While they cannot prevent an attack from happening, they can make your business more resilient. Here are the top reasons you should use Corodata’s cloud storage solutions to protect your organization.

  • Preventative Measures Fail – All of the above data breaches involve large companies. With in-house IT teams and immense cybersecurity budgets, they still fell victim to huge attacks. It shows that even with the best cybersecurity measures, you could still experience an attack, so it makes sense to prepare for the worst and hope for the best.
  • Evolving Attack Vectors – According to CNN, the average business lost $100,000 to downtime in 2017. Cyberattacks have never been more sophisticated, meaning anyone can be a victim. To minimize downtime, data backups are crucial.
  • Physical Disasters – Don’t discount the risks of natural disasters and employee theft. Not all attacks occur due to getting hacked in cyberspace. Even though it may be unlikely, having a contingency plan for the improbable is essential.
  • Cloud Computing Isn’t Enough – Companies often think that uploading their data to the cloud is all they need to do. But the cloud also comes with risks. Cloud computing providers are also vulnerable to cyberattacks, which could expose your business to a subsequent attack. Multiple types of backups, whether physical or cyber, ensure you’re ready for anything.
  • Insider Threats – Today, most media attention focuses on phishing and ransomware, but insider threats still happen. If the call is coming from inside the house, it can be challenging to track, especially if the unidentified employee is still working for you. Regular employees are among the biggest threats to your organization because most companies don’t consider this attack vector.

The reality is cyberattacks are becoming more common than ever, and everyone is a target. Most breaches don’t make the headlines, but even relatively minor attacks can cause chaos, so you need an insurance policy. Data backups secured off-site and on-site provide you with the insurance to recover and bounce back if your business is attacked. Talk to us to learn more about how this should be executed.

Corodata Can Help Prevent Large Data Breaches

Adopting a reactive stance to data breaches isn’t going to do much if you become a target of a cyberattacker. Today’s businesses must take steps to reinforce their security and produce contingency plans to reduce disruption and damage should the worst happen.

At Corodata, we support our clients by providing offsite media and data storage to help streamline getting back up and running after a data breach. Additionally, we offer document and media destruction services to ensure you’re complying with the law and reducing your risk area.