Year in Review: Biggest Application Security Breaches Of 2022

Contributed by Gilad David Maayan

What is a Data Security Breach?

A data security breach is when there is unauthorized access to sensitive information, such as financial information or personal information.

A data breach can happen when a cybercriminal hacks into a computer system or network, or when an individual accidentally exposes their own data by sharing it with someone who shouldn't have access to it.

In either case, the result can be damaging to the individuals or organizations whose information has been compromised.

Biggest Application Security Breaches Of 2022

There have been several high-profile application security breaches in recent history. Some of the largest and most notable include:

Twitter: In July 2022, attackers obtained information from 5.4 million Twitter users due to a now-patched system vulnerability. Attackers stole email addresses and phone numbers and linked them to user accounts. Twitter claimed that no passwords had been stolen, but urged all Twitter users to enable two-factor authentication for their accounts.

Singtel Optus: Optus is an Australian telecommunications company. In September 2022, a breach was reported that exposed the data of approximately 9.8 million customers. Optus contained the attack soon after it was discovered. Hackers may have exposed information such as customer name, date of birth, phone number and email address. In addition, the addresses of some customers and their resident registration numbers, such as driver's license and passport numbers, were also leaked. However, payment details and account passwords were not disclosed.

Medibank: In October 2022, Medibank, an Australian private health insurer, announced that it had been contacted by a hacker who claimed to have breached its systems and stolen 200GB of data. Later in the month, Medibank revealed that the data of 3.9 million customers had been compromised. The stolen information included customer names, addresses, dates of birth, Medicare card numbers, and gender. The stolen health information also included customer billing codes.

Cash App: Cash App is a popular finance app owned by Block, which allows individuals to make P2P payment transfers in regular currency and cryptocurrency. In April 2022, Cash App officials admitted that a former employee had hacked into its servers. The data stolen included client names, stock trade information, account numbers, portfolio values, and other sensitive financial information. The company contacted more than 8 million customers to inform them of the incident. Fortunately, no account credentials were stolen in this attack, so the attackers could not perform illicit payments.

Shields Health Care Group: Shields Health Care Group, a healthcare provider based in Massachusetts, had its network hacked in March 2022. The attack affected 2 million patients and 56 medical facilities. It gave the attackers access to detailed patient information such as name, social security number, date of birth, home address, provider information, diagnosis, billing information, insurance information, insurance number, medical record number, and patient identification number.

Neopets: In early 2022, attackers reportedly broke into the database of eCommerce company Neopets, stealing the personal data of 69 million current and former users, as well as 460 MB of source code. Hackers had access to the database between January and July 2022. The stolen data included user personal information such as name, username, email address, IP address, gender, date of birth, Neopets PINs, and hashed passwords.

Best Practices for Preventing a Data Breach

Penetration Testing

Penetration testing, also known as pen testing or ethical hacking, is a method of simulating a cyber attack on a computer system, network, or web application to test its defenses. The goal of penetration testing is to identify vulnerabilities in a system that could be exploited by a hacker, and to provide organizations with recommendations for how to fix those vulnerabilities. 

To use penetration testing to prevent data breaches, organizations can follow these steps:

  • Identify the scope of the penetration test—determining which systems, networks, and applications will be tested, as well as what types of attacks will be simulated.
  • Hire a team of experienced penetration testers—you can hire in-house experts or outsource this test. The important thing is to ensure this team has the necessary skills and expertise to carry out the test effectively.
  • Develop a penetration testing plan—outline the steps that will be taken during the test, as well as the criteria that will be used to evaluate the results.
  • Conduct the penetration test—the team of testers will simulate various types of cyber attacks on the systems and networks that are within the scope of the test.
  • Analyze the results—the testers will identify any vulnerabilities that were discovered during the test and provide recommendations for how to fix them.

Organizations following these steps can leverage penetration testing to identify and remediate potential vulnerabilities before they are breached by a real attacker. 

Conduct Regular Risk Assessments

Regular risk assessments are an important part of any organization's cybersecurity strategy. They involve analyzing an organization's systems, networks, and data to identify potential vulnerabilities and the risks they pose.

By conducting regular risk assessments, organizations can identify and prioritize the risks that need to be addressed, and design strategies for mitigating those risks. The goal is to reduce the risk of suffering a data breach, protect sensitive information, and keep the organization's systems and networks secure.

Limit Access According To The Principle Of Least Privilege

The principle of least privilege is a security concept that states that individuals and programs should only be given the access rights and permissions that are necessary for them to perform their specific tasks. This means that users and programs should not be given more access than they need to do their jobs, and that access should be restricted to only the specific resources that they need to access.

Limiting access according to the principle of least privilege can help prevent data breaches in several ways, including:

  • Reducing the overall attack surface of an organization's systems and networks. This means that there are fewer potential vulnerabilities that can be exploited by hackers. 
  • Making it more difficult for attackers to move laterally within an organization's systems and networks once they have gained initial access. 
  • Helping prevent unauthorized access to sensitive information, since users and programs will only be given access to the specific resources that they need.

To implement the principle of least privilege in an organization, it is important to carefully review the access rights and permissions of all users and programs, and to restrict access to only the specific resources that are necessary for them to perform their tasks. This will help to reduce the risk of data breaches and keep sensitive information secure.
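The access review described above can be partly automated by comparing what each user or program has been granted with what it was actually seen using. The following is an added example, not part of the original article; the principals, resources, grant format and log entries are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: (principal, resource, action) grants under review.
GRANTS = [
    ("billing-svc", "db/customers", "read"),
    ("billing-svc", "db/customers", "write"),
    ("billing-svc", "db/payments", "read"),
    ("report-job", "db/*", "read"),
    ("alice", "db/customers", "read"),
    ("alice", "db/medical", "read"),
]

# Constructed access log for the review window, same tuple layout.
ACCESS_LOG = [
    ("billing-svc", "db/customers", "read"),
    ("billing-svc", "db/payments", "read"),
    ("report-job", "db/customers", "read"),
    ("alice", "db/customers", "read"),
]

def grant_covers(grant, access):
    """True if this grant is what authorized the logged access."""
    g_principal, g_resource, g_action = grant
    a_principal, a_resource, a_action = access
    if g_principal != a_principal or g_action != a_action:
        return False
    if g_resource.endswith("/*"):  # wildcard grant such as "db/*"
        return a_resource.startswith(g_resource[:-1])
    return g_resource == a_resource

def review(grants, access_log):
    """Flag grants never exercised, and wildcards that could be narrowed."""
    findings = defaultdict(list)
    for grant in grants:
        principal, resource, action = grant
        used = sorted({a[1] for a in access_log if grant_covers(grant, a)})
        if not used:
            # Never used in the window: candidate for revocation.
            findings[principal].append(("unused", resource, action, []))
        elif resource.endswith("/*"):
            # Wildcard used for only some resources: replace with those.
            findings[principal].append(("narrow", resource, action, used))
    return dict(findings)

if __name__ == "__main__":
    for principal, items in review(GRANTS, ACCESS_LOG).items():
        for kind, resource, action, used in items:
            print(principal, kind, resource, action, used)
```

A grant that appears unused may still be needed for rare tasks such as year-end jobs, so the review window should cover them before access is revoked.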

A Disaster Recovery Plan (DRP)

A disaster recovery plan (DRP) is a plan that outlines the steps that an organization will take to restore its operations and systems in the event of a disaster, such as a natural disaster or a cyber attack. A DRP typically includes information about the organization's critical systems and data, the backup and recovery procedures that will be used, and the roles and responsibilities of the personnel who will be involved in the recovery process.

The goal of a DRP is to minimize the disruption to an organization's operations and systems in the event of a disaster. By having a clear, well-defined plan in place, organizations can quickly and effectively restore their operations and systems, which can help to prevent long-term damage and minimize the impact of the disaster.

While a DRP can help to protect against data breaches, it is not a prevention strategy in and of itself. Rather, it is a response plan that helps recover from a breach once it has occurred. To truly protect against data breaches, organizations should implement strong security measures and regularly assess and manage their risks. 

Conclusion

In conclusion, the year 2022 saw several high-profile application security breaches that highlighted the need for organizations to prioritize data protection and implement robust security measures. The breaches at Twitter, Medibank, and Neopets demonstrated the potential consequences of failing to adequately protect sensitive data, and the importance of regularly reviewing and updating security protocols.

As technology continues to evolve and cyber threats become more sophisticated, it is crucial for organizations to stay vigilant and take all necessary steps to prevent data breaches.

Gilad David Maayan is a technology writer who has worked with over 150 technology companies including SAP, Imperva, Samsung NEXT, NetApp and Check Point, producing technical and thought leadership content that elucidates technical solutions for developers and IT leadership. Today he heads Agile SEO, the leading marketing agency in the technology industry.
