Revisiting Major 2022 Breaches and Cybersecurity Events

December 27, 2022 Andy Thompson

Revisiting Major 2022 Breaches and Cybersecurity Events

Before we ring in the new year, we’re reflecting on some of the biggest cybersecurity events of 2022.

It’s been a stressful 12 months for security teams, to say the least. Many open cybersecurity jobs remained unfilled, straining staff while they grappled with remote workforce risks, accelerated cloud adoption, mounting cybersecurity debt and heightened exposure to ransomware and software supply chain attacks. Meanwhile, the Ukraine conflict created a host of new and formidable challenges.

Identity compromise was a familiar theme across major 2022 breaches – from a high-profile incident involving a leading identity provider, to the rise in deceptive “MFA fatigue” phishing, to a teenager’s headline-grabbing attack on a major ride sharing service. Tackling identity-centric challenges was top of mind for government leaders and business executives alike. In some cases, conversations about the “trust no identity, verify every identity” Zero Trust imperative turned to action. Governments enacted stronger cybersecurity regulations to harden networks and protect access to sensitive data and critical infrastructure. Private sectors increased supply chain scrutiny to identify areas of weakness, such as embedded credentials and unmanaged secrets. Under extreme pressure, cyber insurance providers continued to ramp up requirements, making it even harder for organizations purchase or renew policies. And several landmark legal cases placed breach responsibility and disclosure obligations on individuals, suggesting major changes ahead.

Below, we revisit the past year in cybersecurity, because history tends to repeat itself until we learn from it and make changes. While attack methods and threats continue to evolve, focusing on identity – the one true constant – is a solid cybersecurity strategy for 2023 and beyond.

January 2022 Breaches

  • Attackers breach a global humanitarian organization, gaining access to sensitive data and disrupting services around the world.
  • A U.S. mass media conglomerate discovers a persistent cyberattack targeting journalists in a suspected espionage campaign.
  • An attack on a global cryptocurrency exchange results in unauthorized withdrawals worth $35 million.
  • A multi-month attack spree by Lapsus$ Group compromises several leading tech companies. After the dust settles, an identity vendor is disclosed as the initial attack vector.

February 2022 Breaches

 March 2022 Breaches

April 2022 Breaches

  • Ransomware attacks wreak havoc on Costa Rica, prompting the country’s president to declare a national state of emergency.
  • A former employee at a major mobile payment app downloads sensitive files containing personal customer information, impacting up to 8 million people.

June 2022 Breaches

July 2022 Breaches

  • Attackers breach Italy’s energy agency compromising servers, blocking access to systems and suspending access to its website for a week.

August 2022 Breaches

September 2022 Breaches

October 2022 Breaches

November 2022 Breaches

December 2022 Breaches

  • Another large Australian telecoms firm reports data breach impacting 132,000 customers resulting from a “misalignment of databases.”
  • Security researchers report a spike in devices infected with the TrueBot malware downloader created by the Silence criminal group.
  • Back-to-back attacks on a popular ride sharing company then a large cryptocurrency exchange underscore third-party vendor security risks.

 

Previous Article
Trust Issues Podcast: A 2022 Cyber Episodes Replay
Trust Issues Podcast: A 2022 Cyber Episodes Replay

Since launching last spring, the CyberArk Trust Issues Podcast has covered a range of top-of-mind cybersecu...

Next Article
What I Learned from Analyzing a Caching Vulnerability in Istio
What I Learned from Analyzing a Caching Vulnerability in Istio

TL;DR Istio is an open-source service mash that can layer over applications. Studying CVE-2021-34824 in Ist...