Cybersecurity Roundup: Data Breaches from the First Half of 2022 (Part One)

Because cybersecurity is constantly evolving, IT professionals must keep a close eye on developments to avoid data breaches. In Part One of our Cybersecurity Roundup for 2022, we will look at new actors and old threats in the world of business and healthcare-related hacking.

Healthcare Data Breaches

Nobody wants to receive an e-mail or letter stating that their personal health information was accessed in a data breach. Unfortunately, that is the reality for millions of individuals across the globe this year. Just within the United States, millions of personal health records have been exposed, with targets ranging from local dental offices to massive hospital networks.

  • In January, North Broward Hospital in Florida sent letters alerting as many as 1,351,431 patients that their data was compromised in a breach in late 2021.
  • South Shore Hospital in Chicago, IL alerted 115,670 patients to a breach of their protected health information, such as name, date of birth, health insurance information, medical details and diagnoses, and Medicare and Medicaid information. While the initial breach took place in December of 2021, the process of notifying patients started in February.
  • Logan Health Medical Center, a Montana-based medical provider, notified 213,543 patients, employees, and business associates that there was a data breach that included names, Social Security numbers, dates of birth, and contact information. The breach happened in late 2021, though the investigation and notification of patients began in February.
  • An Alabama medical practice, Norwood Clinic, notified 228,103 individuals that the data in their account may have been breached in a cyber attack towards the end of 2021.
  • In March, South Denver Cardiology Associates announced to patients that it was the victim of a cyber attack and that the personal health data of 287,652 may have been accessed.
  • The state of Texas published on its website a breach at Jefferson Dental and Orthodontics that potentially impacted 1,000,000 patients. The breach is the largest ever reported to the Texas Attorney General. Types of data exposed or stolen include Social Security numbers, driver’s license numbers, health insurance information and financial information.
  • CSI Laboratories announced it was a victim of a cyber attack and determined that 312,000 individuals were impacted.
  • Partnership Healthplan of California announced that it had been hacked, and a ransomware group called Hive claimed they had gained access to 850,000 patients’ data.
  • SuperCare Health released a statement letting patients know that they suffered a data breach that impacts the records of 318,379 patients.
  • Shields Health Care Group disclosed that they detected a breach which could impact as many as 2,000,000 people.

These are only a few of the multitude of breaches that have been reported over the course of the year so far. If you are interested in looking at these breaches in more depth, check out the investigation list on the U.S. Department of Health and Human Services Office for Civil Rights site and the HIPAA Journal’s monthly Data Breach Reports.

Business Data Breaches

Businesses of all stripes use digital tools to function in the global market, but storing data online means that it can be breached by hackers anywhere in the world. Some notable corporate cybersecurity incidents of the last two quarters include:

  • Ethos Technology, a tech company, noticed that a third party may have compromised client details between July 15, 2021 and January 12, 2022.
  • In January, the Washington State Department of Licensing detected a breach that impacted at least 650,000 professionals. This breach has limited some citizens’ ability to access their licenses, as certain aspects of the site were frozen to facilitate the investigation.
  • The nonprofit Goodwill attributed a breach to a site vulnerability which has since been fixed.
  • On January 17, 2022, a malicious actor stole about $18 million in Bitcoin and $15 million in Ethereum, as well as some other cryptocurrencies, from 483 wallets on Crypto.com. The hacker bypassed the site’s two-factor authentication.
  • Harbour Plaza Hotel Management, a company from Hong Kong, announced that it suffered a breach of its reservation database which impacted about 1,200,000 customers.
  • Kojima Industries, a company that provides plastic parts to auto manufacturers in Japan, underwent a cyberattack in late February, which ground operations to a halt in some Japanese plants for Toyota and its subsidiaries Hino Motors and Daihatsu Motor.
  • A string of high-profile companies, such as Microsoft, Nvidia, Samsung, Ubisoft, and Okta, were breached by Lapsus$. On March 20, 2022, the hacker group Lapsus$ posted that they had breached Microsoft, and the next day announced that they had breached Okta as well, critiquing their victim’s security posture: “For a company that supports Zero-Trust. Support Engineers seem to have excessive access to Slack? 8.6k channels? (You may want to search AKIA* on your Slack, rather a bad security practice to store AWS keys in Slack channels 😉)” Another interesting detail about the group is that they are relative newcomers, choose audacious targets, and are potentially young teens from Brazil and the UK.
  • Pegasus Airlines, a Turkish company, had 23 million files compromised, including about 400 files with keys and plain text passwords, due to some misconfigurations.
  • On March 23, some $173,600 Ether and $25.5 million USD were stolen from crypto network Ronin Network, ultimately totaling $625 million in value. This may have been the biggest crypto heist so far, and the US Treasury Department believes this may be due to North Korea’s Lazarus group.
  • Block, the company that manages Cash App, announced that data was breached when a former employee accessed reports that included U.S. customer information. The company contacted more than 8,000,000 customers to alert them of the breach.
  • Lakeview Loan Servicing disclosed a breach that impacted 2,537,261 mortgage borrowers, including loan information and Social Security numbers.
  • Mailchimp suffered a data breach due to a social engineering attack. The actors combed through data to get email contact information from financial and crypto groups. Then the hackers utilized the information to send a phishing e-mail to customers of Trezor, a hardware cryptocurrency wallet.
  • Flagstar Bank notified customers that hackers accessed their systems and stole the names, personal identifiers, and the Social Security numbers of 1,547,169 customers.

Unfortunately, data breaches are part of the fabric of the modern world, but you can protect yourself by maintaining good data privacy hygiene, keeping all your computer programs updated, and investing in software that protects your data access points. Keep up to date with emerging malicious actors on the cybersecurity scene, and check back to read Part Two to get an outline of Public and Political Data Breaches.

Take steps to protect your data today so you are not included on the list of victims from the second half of 2022!
