Top Cybersecurity and Email Security Breaches of 2022 | EasyDMARC

Top Cybersecurity and Email Security Breaches of 2022

18 Min Read

2022 was a challenging year for cybersecurity and email security. More sophisticated attacks emerged, causing greater damage to organizations big and small. Cybersecurity threats have also become increasingly targeted. 

Individuals, businesses, and governments continue to fall victim to malicious activities. Indeed, data breaches, ransomware attacks, phishing scams, malware campaigns, and other such incidents are showing no signs of slowing down.  

In this article, we explore the top cybersecurity and email security breaches of 2022. You’ll also discover the impact of such cybersecurity incidents on businesses. Finally, you’ll see how EasyDMARC can help!

But first, let’s take a closer look at what cybersecurity and email security mean and the associated threats.

Cybersecurity and Email Security: Definition and Dangers

Cybersecurity broadly describes the measures taken to protect networks, computers, programs, and data from unauthorized access, exploitation, or attack. It encompasses both hardware and software technologies used to protect networks and systems from malicious attacks. 

Email security is a subset of cybersecurity that focuses on safeguarding emails and associated information from malicious actors. Electronic mail is a primary means of communication for many businesses and organizations. Such messages often contain sensitive information that must be protected from unauthorized access, hence the need for robust email security. 

The dangers associated with a lack of email security include phishing attacks, spam campaigns, malware infection, and data breaches. Here’s a quick breakdown of what each of these risks entail:

  • Phishing is a social engineering attack that attempts to trick victims into installing malware or divulging sensitive information. Fraudsters accomplish this by masquerading as a trustworthy entity or person. 
  • Spam emails are unsolicited messages sent in bulk to large numbers of recipients. They often contain phishing links or infected attachments.
  • Malware is malicious software designed to gain unauthorized access to, damage, or disrupt computer systems, clients, servers, or networks. 
  • Data breaches are incidents where unauthorized parties gain access to confidential or sensitive information.

The Importance of Understanding Cyberattack Risks

The only way to mitigate cyberattack risks is by understanding them first. Only then can organizations create and implement effective cybersecurity policies and procedures.

Additionally, understanding cyberattack risks helps organizations identify weaknesses in their security systems and make appropriate changes to strengthen them. Armed with the necessary knowledge, organizations can also respond quickly and effectively when an attack does occur.

Three Common Cybersecurity and Email Security Breaches

Cybersecurity is an expanding concern for individuals and organizations. Email security breaches are a significant part of this. Malicious actors often use emails to access sensitive information or spread malware. 

Ransomware, malware, and phishing are three common types of online threats that are the most dangerous. Although they’ve been around for years, these attacks have become increasingly sophisticated.  

All three can be deployed via email. They can be devastating to an organization, often leading to the loss of financial or informational assets. The reputational cost of a data breach is also significant, with persistent damages that are difficult to remedy.

Phishing

Phishing attackers typically use fraudulent emails or messages to trick their victims. The goal is to get users to divulge sensitive data such as passwords or credit card numbers, or click on a malicious link. 

Here are some statistics proving how dangerous phishing attacks can be:

  • Globally, 96% of phishing attacks arrive by email.
  • EasyDMARC communicated with over 40,000 information security and cybersecurity professionals. Over 80% stated that phishing attacks represent a top security concern.
  • Other statistics show that 93% of successful cyberattacks worldwide begin with a spear phishing email.
  • EasyDMARC’s phishing email statistics identified over 9 billion phishing emails in 2022. 

While the types of phishing attacks vary, their risks to small, medium, and large enterprises remain significant.

Malware

Malware is malicious software designed to harm, disrupt, or access a system, server, or network. It can be used to steal data, alter or delete files, or even take control of a computer. 

Malware attacks are one of the leading causes of a data breach. They can be executed through email, websites, downloads, or even physical objects. The malware types include viruses, worms, trojans, spyware, ransomware, and adware. 

Here are some key malware statistics:

  • 560,000 new pieces of malware are detected daily.
  • There are now more than one billion existing malware programs.
  • Every minute, four companies fall victim to ransomware attacks.
  • Trojans account for 58% of all computer malware.

Organizations must continually develop policies and adopt stringent protocols to prevent malware attacks and keep their IT infrastructure safe. In today’s threat landscape, it’s become a necessity.

Ransomware

Ransomware is a type of malicious software used to encrypt files and data on a computer or network. Threat actors then demand a ransom payment for the files and data to be decrypted and accessible again. It’s typically spread through malicious emails, websites, downloads, and other online sources. Ransomware can have serious consequences, such as financial damages, data loss, and disruption of services.

Ransomware attacks have been on the rise in recent years; here are some statistics you might be interested in:

  • A ransomware attack occurs every 2 seconds. 
  • According to Verizon’s 2022 data breach report, ransomware attacks saw a 13% increase in the past five years. 
  • The first half of 2022 had 236.7 million ransomware attacks worldwide. 
  • Ransomware accounts for 10% of all breaches.

Top Cybersecurity Breaches of 2022 

The unauthorized access, destruction, theft, or use of information assets are types of cybersecurity breach incidents. These can occur due to malicious attackers, system errors, or human error. Weak or outdated security protocols and procedures are also a major contributing factor.

The past year saw a boom in cyberattacks and cybersecurity incidents. Let’s look into the top cybersecurity incidents of 2022.

1) The Russia-Ukraine Cyberwar

The Russia-Ukraine Cyberwar continued throughout 2022. Every month, there was a new cyberattack. Threat actors targeted the Russian and Ukrainian governments, military, and civilian infrastructure. 

The attacks included distributed denial of service (DDoS), website defacement, malware, phishing, and other malicious activities. They were aimed at disrupting services, stealing data, and damaging critical infrastructure. 

Here are some of the top cyberattacks during those months:

  1. In February, Anonymous, a decentralized international activist and hacktivist collective, declared a ‘Cyber War’ against Russia.
  2. Later in February, there were ghostwriter threats and phishing campaigns against Ukrainian organizations.
  3. A massive attack on Ukraine’s educational institutions resulted in at least 30 compromised Ukrainian university websites in March.
  4. On March 28, Ukraine’s state-owned telecommunications company Ukrtelecom experienced a disturbance in internet service after a cyberattack. 
  5. Russian TV was disrupted by hackers hijacking anti-Russian slogans on ‘Victory Day’ in May.
  6. The largest Russian video platform ‘RuTube’ was also hacked in May.
  7. Russian hackers allegedly targeted Ukraine’s most prominent private energy firm in July.
  8. In September, the Russian Yandex taxi app was hacked, causing a massive traffic jam in Moscow.

The conflict eventually died by the end of the year as both sides seemed to reach a stalemate. As of December 2022, neither side has reported significant cyberattacks since September. However, tensions remain high between the two countries, and both countries are still actively monitoring each other’s networks for potential threats.

2) Qubit DeFi Platform Suffered a Cryptocurrency Attack Costing $80 Million 

The Qubit DeFi platform suffered a significant cyberattack in January 2022, losing $80 million in cryptocurrency. The attack was conducted by a group of hackers who targeted the platform’s smart contracts. 

The hackers used a technique called “reentrancy” to exploit a flaw in the smart contract code. This allowed them to siphon funds from the platform. 

The Qubit attack underscores the importance of secure coding practices and proper auditing. Smart contracts are designed to execute specific instructions; if they aren’t coded correctly, they can be exploited. 

Auditing is a critical step in the development process. It helps identify any security flaws and vulnerabilities before they can be used. Qubit has since taken steps to address the issue and has reimbursed users for their losses. 

3) 100,000+ Google Play Users Downloaded an Infected Application

In March 2022, a cybersecurity company alerted the Google Play team about a malicious mobile application. It was distributed on the app store and downloaded by 100,000+ users. 

Hackers implanted an Android trojan called “Facestealer” in the Craftsart Cartoon Photo Tools app that steals Facebook credentials. 

Once downloaded, the cartoonifying app presents users with a fake Facebook login page. Bad actors then get full access to victims’ Facebook data, credit card details, private conversations, searches, etc. This mobile application was on Google Play, but has since been banned.

The app simulates a popular photo editing application to reach immense fame and hide its illicit actions. Although Google took action and notified users, this Android trojan remains prevalent. Hackers can easily embed it into other legitimate-looking mobile applications.

4) 260,000 Confidential Attorney Discipline Records Posted After a Data Breach

Another massive data breach occurred in March 2022 when a  website published 260,000 confidential attorney discipline records. After the State Bar of California disclosed the breach, the website deleted the records. Called “The People’s Database,” it initially published the records of California lawyers who were disciplined for misconduct over the past decade.

The group said it removed the records out of respect for the privacy of lawyers and their clients. They also wanted to avoid potential legal action.   

The State Bar launched an investigation into the breach and took steps to secure its network. However, it was later revealed that the breach was the result of a security vulnerability, and not an intentional or malicious hack.

The previously unknown vulnerability was discovered in the case management platform provided by Tyler Technologies Odyssey. It allowed confidential records to be unintentionally gathered by judyrecords.com when accessing public records, according to the State Bar.

The breach exposed sensitive personal data like names, dates of birth, addresses, Social Security numbers, etc. The People’s Database said it had taken steps to protect the data, including encrypting and obscuring some of it. 

It also worked with the State Bar to ensure that the private records were permanently removed from the website.

5) 8.2 million U.S. Cash App Users Targeted by a Data Breach

In April 2022, Cash App announced that it suffered a data breach. The incident occurred in December 2021 after a disgruntled ex-employee accessed confidential customer records in the act of revenge.

The ex-employee had access to financial reports during the execution of their daily duties. After termination on December 10, 2021, the former Cash App worker downloaded these records without authorization. The act resulted in 8.2 million U.S. Cash App users’ data exposed, including:

  • Full names
  • Stock trading activity
  • Brokerage account numbers
  • Portfolio holdings and values

Only the data of customers utilizing the app’s stock function were compromised. However, Cash App notified such users four months after the incident occurred. The delay and negligent control of ex-employee access to confidential data wasn’t taken lightly. 

A class action was filed against Cash App Investing and its parent company, Block, for their failure to secure customers’ data. This incident highlights the dire consequences of a data breach that include possible legal action. It also illustrates the importance of implementing safety controls to mitigate unauthorized access to sensitive records.

6) General Motors Cyberattack Exposed Customer Data

American automotive manufacturing company General Motors witnessed suspicious logins to certain GM online accounts in April 2022. This led to unauthorized redemptions of customer reward points for gift cards.

Later investigations revealed that hackers gained access to customer accounts via a cyberattack on a third-party IT services provider of General Motors.

General Motors stopped gift card redemptions in response to the suspicious activity and notified affected customers, suggesting they change passwords.

The exposed data included addresses, first and last names, email addresses, and search and destination information. The cybercriminals also accessed data like vehicle service details, mileage history, emergency contacts, and in-car Wi-Fi data.

7) Flagstar Bank Data Breach Affected 1.5 Million Customers

Flagstar Bank reported a cyberattack that impacted more than 1.5 million customers. The incident occurred in early December 2021, but was only discovered in June 2022. Forensic investigations revealed that a bad actor gained unauthorized access to the bank’s systems. The hacker remains unidentified. 

Flagstar said the attack was contained and that no customer information was breached. However, consumers were warned to watch their accounts for any suspicious activity. 

The Michigan-based bank took steps to assist affected customers. It offered free credit monitoring and identity protection services for two years. Still, this incident happened on the heels of another cyberattack that occurred just 14 months prior, costing Flagship $5.9 million.

8) Google Forced to Pay AUD 60 Million Fine for Data Violation 

Google made headlines in August 2022 when it was fined $60 million (AUD). The penalty came after a long-running court fight with the Australian Competition and Consumer Commission. The battle revolved around Google collecting personal location data without permission.  

The court found the tech giant guilty of breaking Australian consumer laws by misleading Android users about their geo-data. Specifically, how the information was collected and used for targeted advertising.

The penalty is the largest-ever fine imposed by the ACCC, which Google LLC agreed to pay during federal court proceedings.

Top Email Security Breaches of 2022 

Email security breaches remain prolific threats to industries across the board. These exploits commonly include malicious activities, such as phishing attacks, malware and spam campaigns, ransomware attacks, and other fraudulent schemes.

Statistics show that nearly 63% of security leaders said their staff exfiltrated data over email in 2022. Meanwhile, 92% of companies experienced a data breach caused by an end-user making a mistake in their email. 

Following these crazy stats, it’s time to discover the top email security incidents of 2022.

1) U.S. Department of Defense Lost $23M in Elaborate Phishing Attack

In late April 2022, a Californian man was convicted due to a massive phishing scam resulting in the theft of $23 million. The victims? The U.S. Department of Defense and a DoD vendor. 

Sercan Oyuntur, a Northridge resident, was found guilty on various counts relating to identity theft, wire, mail, and bank fraud. According to prosecutors, Oyuntur conspired with others to defraud the U.S. Department of Defense through a complex phishing scheme. 

They targeted a DoD contractor responsible for supplying jet fuel to U.S. troops in Southeast Asia. By posing as a legitimate New Jersey employee, the threat actors stole over $23 million intended for the victim corporation.

Oyuntur and his co-conspirators created fraudulent email accounts and phishing sites impersonating the General Services Administration’s (GSA) website. They then sent phishing emails to various DoD contractors, including the New Jersey employee who represented the victim corporation.

The emails appeared to originate from the U.S. DoD and contained phishing links that prompted recipients to enter their login credentials.  The compromised accounts were then used to make changes in the government systems and ultimately divert large sums of money. 

Oyuntur’s convictions carry more than 50 years imprisonment. One co-conspirator, Hurriyet Arslan, also pleaded guilty to money laundering, conspiracy, and bank fraud. 

2) City Loses $1.4 Million in Business Email Compromise Scam

In April 2022, hackers defrauded the City of Portland in Oregon via a Business Email Compromise scheme. They made off with $1.4 million after impersonating a non-profit organization via fraudulent emails. The city’s treasury flagged the requested wire transfer as the account name didn’t match. 

However, municipal employees asked the intended recipient, Central City Concern, for confirmation via email. The threat actors, pretending to be the non-profit, confirmed the details and the wire transfer was made.

Portland city officials only discovered the exploit after the bad actors attempted a second fraudulent wire transfer a few weeks later. IT employees then uncovered that the hijacked email account had been accessed from various regions, including Nigeria, Texas, and Germany. 

The city has since taken steps to improve its security, including implementing a multi-factor authentication system and increasing cybersecurity training. 

3) Over 70,000 Patients Affected by Kaiser Permanente Data Breach

Up to 70,000 Kaiser Permanente patients’ healthcare and personal data were exposed following unauthorized access to an employee’s emails. The data breach incident occurred in April 2022, potentially exposing patients’ full names, medical record numbers, dates of service, and laboratory test results.

According to the healthcare provider, the breach didn’t expose financially sensitive information (Social Security numbers and credit card details). Although the incident was contained within a few hours, the exposed health data remains at risk. 

4) Email Accounts of OpenSea Users Leaked

In June 2022, NFT marketplace OpenSea was a victim of a data breach via one of its vendors. An employee of its email delivery vendor, Customer.io,  stole email addresses linked with OpenSea accounts and newsletter subscriptions. The data was then shared with an unknown third party.

The company’s head of security, Cory Hardman, warned that any OpenSea account holder or newsletter subscriber should assume their email address was among those impacted. 

While no damage beyond the leaked email addresses was reported, the number of people likely affected by the breach is notable. 1.8 million users made purchases through the Ethereum network on OpenSea, according to data from Dune Analytics. 

It later emerged that the employee responsible for the data breach was a senior engineer at Customer.io. The email addresses of five other companies’ customers were also exposed in the incident.

5) 70,000 Mental Health App Users’ Email Addresses Exposed

A vulnerability was discovered in the Feelyou mental health app, owned by the Japan-based company Bajji, in July 2022. The issue exposed 78,000 users’ email addresses across more than 170 countries. 

Bajji founder Noritaka Kobayashi stated that the app doesn’t collect the personal information of its users, like names, phone numbers, credit card info, etc. However, the app’s GraphQL API didn’t require access authentication, leaving it open to cyber actors.

The Daily Dot informed the company of the vulnerability and the issue was fixed within 72 hours.

Bajji took further steps to protect user data. These measures include two-factor authentication and encryption of user data, as well as enhanced monitoring of its systems.

Other Notable Data Breaches in 2022

The above-mentioned email security and cybersecurity breaches were among the top incidents in 2022. But there were many more. Here are a few other famous data breaches of 2022:

The overwhelming number of cybersecurity and email security incidents in 2022 makes one’s head spin. Unfortunately, threat actors and cyberattacks aren’t going anywhere. If anything, they’re only becoming more sophisticated and complex.

The Impact of Major Cybersecurity and Email Security Breaches on Businesses 

The impact of cybersecurity and email security breaches on businesses can be severe. Cybersecurity incidents can lead to the loss of sensitive data, financial loss, reputational damage, and even legal action. Businesses may suffer from decreased customer trust and loyalty, increased costs to remedy the breach, and even potential prosecution. 

Confidential Information Loss

Confidential information loss refers to the unauthorized disclosure, destruction, or loss of business information. This includes customer data, trade secrets, financial records, and intellectual property. The impact of such losses can result in legal action and may shut down a business indefinitely.

Financial Loss   

The cost of a cyberattack depends on its type, size, and the organization affected. For example, a distributed-denial-of-service (DDoS) attack could cost a business anywhere from a few thousand to millions of dollars in lost revenue. Similarly, data breaches can cost hundreds of dollars in lost information, hefty fines, litigation expenses, and productivity loss.

Damage to Reputation

A cybersecurity or email security incident can also cause severe damage to a business’s reputation. Customers may become wary of the company if they hear about the attack, fearing their data isn’t secure. 

Reputation is one of the most critical assets for a business, and it can be easily injured. Damage to a business’s reputation can have far-reaching consequences, from lost customers and revenue to diminished employee morale. It can also lead to a decrease in market value, investor confidence, and potential legal and financial issues.

How Can EasyDMARC Protect Your Business Reputation?

EasyDMARC offers a unique email security solution that gives businesses the tools to protect their reputations. Our all-in-one platform provides authenticated domain protection, email authentication, and DMARC enforcement, among other easy-to-use features. 

Our platform helps ensure that emails are sent from legitimate sources, preventing them from being blocked or marked as spam. It also provides visibility into any malicious activity, allowing businesses to take action and mitigate any potential damage to their reputation.

To help protect your domain from malicious emails, spam, phishing, and other threats, EasyDMARC also provides a range of security features, including DMARC record monitoring, email authentication, and threat analysis.

These features can help protect your business from phishing scams, spoofing, and other email-borne threats. With EasyDMARC, you can prevent your domain being used for malicious purposes while increasing the deliverability of legitimate emails. 

Stop financial, data, and customer loss, and be one step ahead in securing your business by signing up to EasyDMARC today!

Comments
guest
0 Comments
Inline Feedbacks
View all comments

succees We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.

succees You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us