29 Dec Biggest Data Breaches in 2022
According to LastPass, one of the main password managers, hackers stole a wealth of personal information from its clients, as well as encrypted and cryptographically hashed passwords and other data kept in customer vaults.
The disclosure, made public on Thursday, is a startling update to a breach announced by LastPass in August. At the time, the firm stated that the cyberattack consisted of a threat actor getting unauthorized access to elements of the password manager’s development environment via a single hacked developer account and “removed chunks of source code and some confidential LastPass technical knowledge.” Customers’ master passwords, encrypted passwords, personal information, and other data kept in customer accounts, according to the business, were not affected.
According to the business’s Thursday update, hackers gained access to personal information and related metadata, including corporate names, end-user names, billing addresses, email addresses, phone numbers, and IP addresses used by users to access LastPass services. The hackers also stole a backup of client vault data, which includes both unencrypted data like website URLs and encrypted data like website usernames and passwords, secure notes, and form-filled data.
The August attack, which allowed hackers to grab LastPass source code and sensitive technical information, appears to be linked to a second incident at Twilio, a San Francisco-based provider of two-factor authentication and communication services. In that compromise, the threat actor stole data from 163 Twilio customers. The same phishers that penetrated Twilio also compromised at least 136 other websites.
The stolen vault backup includes “both unencrypted data, such as website URLs, and fully-encrypted, sensitive fields, such as website usernames and passwords, secure notes, and form-filled data,” according to the blog post.
BitKeep is a multi-chain decentralized web3 DeFi wallet that supports over 30 blockchains, 76 mainnets, 20,000 decentralized apps, and over 223,000 assets. It is utilized for asset management and transaction processing by approximately eight million users in 168 countries.
While the platform has not issued an official statement on its website, it has alerted the community on its official Telegram channel that the event appears to have affected users who downloaded an illegal version of the BitKeep app.
Those who downloaded the trojanized APK package are advised to install the official app from Google Play or the App Store, create a new wallet address, and transfer all funds to it.
BitKeep lost around $1 million in October 2022 when a hacker discovered a weakness in the service that allowed them to do arbitrary token swaps.
At the time, BitKeep committed to fully repaying everyone affected by that incident. However, because the current attacks are the consequence of people being duped by trojanized APKs, reimbursements are doubtful.
A seemingly legitimate threat actor claims to have data on 400,000,000 Twitter users and is seeking to sell it.
According to them, the database is secret and contains devastating quantities of information, including emails and phone numbers for high-profile people.
The threat actor offered a legitimate sample of 1,000 noteworthy accounts, including AOC, Brian Krebs, Vitalik Buterin, Kevin O’Leary, Donald Trump Jr., and others, making Twitter a very lucrative place for a cyberattack.
They claim this data was gathered up to early 2022 using a Twitter hack, and in their article, they encourage Elon Musk to buy the data to prevent GDPR litigation.
Please keep in mind that it is not feasible to completely verify that there are 400,000,000 people in the database or that it comes directly from Twitter at this time. Following an independent check, the data looks to be real; stay tuned for updates!
The data is increasingly likely to be valid and was most likely obtained from an API vulnerability that allowed the threat actor to query any email / phone number and retrieve a Twitter profile, which is very similar to the Facebook 533m database that I first reported about in 2021 and resulted in a $275,000,000 fine to Meta.
Although it is a country rather than a company, Ukraine has been a victim of Russian attacks on the battlefield, with thousands of deaths and millions of displaced people. Here, however, we want to talk about the cybersecurity consequences Ukraine has faced recently. Russia has launched not just one cyberattack but many since the beginning of the invasion, leaving confusion and misguidance in civil society.
Moscow’s cyberattacks and cyber operations have numerous goals, including causing infrastructure damage, destroying government software, and carrying out harmful espionage and attacks on individuals in Ukraine and throughout the world. According to a recent analysis, 90 percent of Russia’s identified attacks in the last year targeted NATO member nations, with 48 percent targeting IT corporations situated in member countries.
As the battle proceeds, we may anticipate the Russian state and hackers to execute more cyber operations in order to immobilize opponents and damage Ukraine’s energy, transportation, and digital infrastructures. In the absence of a conventional solution to the conflict — and there is presently none — cyberwarfare will become an increasingly crucial weapon.