2022's Most Significant Data Breaches and Leaks

Data breaches and leaks can be devastating for an organisation, and the year 2022 witnessed several advanced and sophisticated cyber attacks

Data breaches have had the most impact in the world of cyber security in the last 12 months. In 2022, over 4,100 publicly disclosed data breaches occurred, exposing approximately 22 billion records. This article reveals data breaches, leaks, phishing, malware, and cyber-attacks.

A data breach involving student loans exposes 2.5 million social security numbers.

In June 2022, a data breach at student loan servicer Nelnet Servicing exposed the personal information of over 2.5 million users.

The investigation concluded on 17 August 2022 that from June to 22 July 2022, due to a vulnerability in its system, including names, home, student loan account registration information, email addresses, phone numbers, and social security numbers, was accessible to an unknown third party.

Twitter confirms the theft of data from 5.4 million accounts.

In July 2022, a hacker using the alias 'devil' announced on the hacking forum BreachForums that they were selling the data of 5.4 million Twitter accounts.

Phone numbers and Email addresses from "celebrities, companies, randoms, and OGs" were among the stolen information. 'OGs' are Twitter handles that are either short, consisting of one or two letters, or a desirable word as a screen name, such as a first name with no numbers, misspelling, or punctuation. The malicious hackers' devil' stated that they would never accept "less than <$30,000>" for the database.

The data breach was caused by a Twitter vulnerability discovered in January 2022.

Twitter has been accused of covering up a data breach that affects millions of people.

On 23 November 2022, Chad Loder, a cyber security expert based in Los Angeles, tweeted a warning about a data breach at the social media site Twitter. Loder claimed that the cybercrime occurred "no earlier than 2021" and "has been disclosed before. " As mentioned in point seven of this article, Twitter publicly indicated a data breach in July 2022 that grabbed the attention of millions of user accounts. The November breach data is "not the same data" as that observed in the July breach because it is in a "completely different format" and has "different affected accounts," according to Loder. Loder stated that they believed the breach was caused by malicious actors exploiting the same vulnerability as the July hack.

Over 1.2 million credit card numbers were leaked on a hacking forum.

Carding marketplaces are dark websites where users trade stolen credit card information for financial fraud, which usually involves large sums of money. BidenCash, a carding marketplace, released the details of 1.2 million credit cards for free on 12 October 2022.

A file on the site contained information on credit cards expiring between 2023 and 2026, as well as other details required for online transactions. BidenCash leaked the details of thousands of credit cards to promote the site in June 2022. Given that the carding marketplace was compelled to roll out new URLs three months later in September due to a series of DDoS attacks, some cyber security experts speculated that this new release of information could be another attempt at advertising.

On the dark web, a hacker attempts to sell data from 500 million WhatsApp users.

On 16 November 2022, a hacker uploaded to BreachForums a dataset containing what they claimed was the up-to-date personal information of 487 million WhatsApp users from 84 countries. The alleged hacker stated in the post that those who purchased the datasets would receive "very recent mobile numbers" of WhatsApp users. The lousy actor claims that among the 487 million records are details for 32 million US users, 11 million UK users, and millions of German users. The hacker did not disclose how they acquired such a large amount of user data, only stating that they "used their strategy" to achieve it.