Capital Technology Group Blog

Capital Technology Group has been serving the Arkansas area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

A Look Back at Q1 2022’s Worst Data Breaches

A Look Back at Q1 2022’s Worst Data Breaches

Despite their best efforts, cybersecurity can be a major cause for concern for all kinds of businesses and organizations. Even with a full team of cybersecurity professionals, data breaches can occur, and many of the worst data breaches of 2022 have been quite devastating. Let’s take a look at some of the worst ones so far.

We want to emphasize that data breaches can happen to anyone, not just high-profile businesses. You’ll need to invest not just in protecting your business, but also in training your staff. If you want some help with this, you can contact Capital Technology Group for any and all concerns with your cybersecurity.

January 2022

Crypto.com

January 17 saw the cryptocurrency market become the target of a hacking attack. In this particular attack, 480 users’ cryptocurrency wallets on Crypto.com were targeted, with the hackers making off with $18 million in Bitcoin and $15 million in Ethereum and other currencies. The hackers managed to bypass the two-factor authentication to gain access to these wallets.

Tourisme Montreal

A hacking group called Karakurt targeted Montreal’s tourism agency. This hacking group became known all over the world for its extortion tactics, stealing data and demanding payment, threatening to release the data if the victim didn’t pay up. Over 60 million people were affected by this prolonged six-month attack.

Bernalillo County, New Mexico

Bernalillo County became the victim of a ransomware attack that forced the county office to close during the first week of January. This attack prevented employees from accessing local databases, which in turn kept them from doing their jobs. As a result, the county implemented cybersecurity policies and invested $2 million in revamping their computing infrastructure.

Ukraine

Before Russia invaded Ukraine, the latter was targeted by a cyberattack threatening the Ukrainian government that they should “be afraid and wait for the worst.” This attack brought down the Ministry of Foreign Affairs and other agency databases, and Ukrainian citizens were directed to the nation’s social media channels until the issue was taken care of.

February 2022

GiveSendGo

A Christian fundraising website called GiveSendGo became the target of a politically motivated data breach. The hackers redirected visitors to the Canadian Freedom Convoy protestors, all while posting the personal information of the 90,000 donors to the Freedom Convoy on the website.

Oiltanking Deutschland GmbH & Co.

A major supplier of fuel for Germany, Oiltanking Deutschland GmbH & Co., was forced to declare “force majeure” and scale back operations following a cyberattack. This declaration resulted in them being absolved of their contractual obligations for a limited time. This incident is estimated to cause the company over $4.5 billion in ransomware demands, downtime, and other costs.

Wormhole

A blockchain company called Wormhole had about $324 million in cryptocurrency stolen by hackers, resulting in a loss of 120,000 wETH (wrapped Ethereum). The company went offline to handle maintenance with a loss of millions of dollars. The company even put out a bug bounty of $10 million to learn more about the cause of the hack.

Washington State

Over 250,000 Washington residents had their personal data exposed as a result of the Washington State Department of Licensing database breach. They had to momentarily shut down their POLARIS system thanks to the breach. Some of the data stolen included personal and financial information for any vocation in Washington that needed a license.

San Francisco 49ers

The NFL team became the target of a ransomware attack, resulting in hackers making off with some of the team’s financial data. The hacking group responsible, BlackByte, gave the 49ers enough of a shock to restructure their entire cybersecurity strategy (but not before paying the ransom).

Ukraine

In the moments leading up to the Russian assault on Ukraine, websites for the Ukrainian army, the defense ministry, and most of their major banks were brought down. 

OpenSea

In a heist involving hundreds of NFTs and $1.7 million, users on the peer-to-peer networks of OpenSea were tricked into signing a malicious payload that authorized free gifts of NFTs back to the hacker.

March 2020

Viasat

Millions of broadband subscribers in eastern Europe lost access to their Internet networks as a result of a major cyberattack against Viasat. The company confirmed that it was indeed a cyberattack that brought down these connections—a DDoS attack, specifically.

Samsung

A hacking collective called Lapsus$ managed to steal 190GB of proprietary information from Samsung. The hacking group also teased the hack on social media claiming that they had “confidential Samsung source code.”

At Least Six US States

A cyber attacking group, called APT41, sponsored by the Chinese government took over the computing infrastructures of at least six U.S. states. This breach was a supposed espionage mission carried out by some of the most wanted cybercriminals out there.

Ubisoft

Ubisoft, a France-based video game developer, had its operations disrupted for several days following a cyberattack. Although no personal information was stolen, it became clear later on that Lapsus$ were the culprits behind the attack.

Israel

The Israeli government had their websites taken offline for over an hour thanks to a cyberattack. It was so bad that the National Cyber Directorate declared a state of emergency. It is thought that it was a state-sponsored DDoS attack.

Jefferson Dental and Orthodontics

Jefferson Dental and Orthodontics became the target of a data breach that affected over a million Texans. Hackers stole Social Security numbers, driver's license numbers, health information, and financial data.

Microsoft

Lapsus$ struck again when it leaked the source code for Microsoft’s Bing search engine and Cortana personal assistant. All it took was compromising a single account. Microsoft was able to shut down the operation before more was stolen.

ELTA

The National Postal Service for Greece was hit by a ransomware attack. Even though the hack was caught early on, operations were brought to a halt. Over 1,400 physical locations were affected, and operations had to be shut down for some time.

Axie Infinity

A cryptocurrency startup tied to Axie Infinity became the target of hackers, resulting in a loss of $540 million. Hackers gained access through the game and emptied users’ crypto accounts, something which became the second largest cryptocurrency theft thus far.

These attacks were the result of various threat methods and actors, proving that your organization cannot overlook anything security-related. Capital Technology Group can protect your business and help you implement better security practices and solutions. To learn more, reach out to us at (501) 375-1111.

Why a Creative IT Team is an Asset to Seek Out
The RSOCKS Botnet Shows the Dangers of Unsecured I...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, 22 November 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login


News & Updates

LITTLE ROCK, Ark. (May 15, 2023) - Long-time Little Rock-based Capital Business Machines and Innovative Systems Inc. (ISI) announced today a rebrand as Capital Technology Group, a move company officials say recognizes the company's growth as one of t...

Contact us

Learn more about what Capital Technology Group can do for your business.

Capital Technology Group
710 Jones St.
Little Rock, Arkansas 72205