Top 10 Biggest Data Breaches of 2022 – So Far

From the Lapsus$ attacks to one of the biggest crypto heists of all time, 2022 has been a fast-paced year for major data breaches. Let’s go over the biggest data breaches of the year, starting from the top.

#1: $540 Million Stolen in Ronin Breach

In March 2022, a group of hackers broke into the blockchain project Ronin and looted over $540 million in cryptocurrency – making this incident the second largest crypto heist ever. Ronin is the Ethereum sidechain used to power Axie Infinity, an online game involving NFTs.

The culprit appears to be the Lazarus Group, a state-sponsored gang of hackers working for North Korea. The group was able to launder at least 18% of the stolen crypto immediately following the attack, and may have been able to launder more in the months since. So far, it does not appear that any of the stolen cryptocurrency has been recovered.

#2: Over 130 Companies Implicated in 0ktapus Breach

In August 2022, a cybersecurity report detailed an extended phishing campaign in which the attackers impersonated the authentication company Okta. Through their efforts, the attackers successfully compromised at least 130 companies, including Cloudflare, DoorDash, Mailchimp, and Twilio.

Cybersecurity researchers have dubbed the attacker group ‘0ktapus’ after the company they imitate in order to gain access. In a typical attack, the hackers direct their targets to a fake authentication page, where the victims enter their login credentials, giving the attackers access to their accounts.

Based on their choice of targets, researchers have speculated that the attackers were motivated primarily by financial reasons. Given the sheer number of companies compromised, it will likely take time for the full extent of this breach to become clear.

#3: “Total Compromise” at Uber

In August, a hacker under the alias ‘teapotuberhacker’ announced that they had breached Uber. The New York Times reported the attack as “a total compromise” – by one account, the hacker “pretty much [had] full access to Uber.” Uber has said they have “no evidence” sensitive user data was exposed in the breach – but it appears that Uber’s source code, internal databases, and more were compromised.

Uber also said they suspect the hacker had ties to Lapsus$, the hacker group that has compromised several other high-profile companies in 2022 – more on them in a minute. The hacker apparently purchased leaked credentials for a contractor working for Uber, and then proceeded to breach their account via an MFA fatigue attack.

#4: Lapsus$ Hacking Spree Breaches Microsoft & More

In the early months of 2022, the emerging hacker collective known as Lapsus$ launched a string of high-profile attacks. In February, they looted a terabyte of proprietary data from Nvidia. They first demanded Nvidia remove crypto-mining limitations on their graphics cards, before offering the leaked data for sale at a minimum price of $1 million.

Over the next two weeks, Lapsus$ leaked source code and algorithms from Samsung and temporarily brought down Ubisoft’s online gaming services. Then they breached Microsoft, earning even bigger headlines. But this attack was limited in scope: they made off with partial source code relating to Bing and Cortana, but little more.

The Lapsus$ attacks slowed down after London police arrested several teenagers on March 24. But the attacks picked up again later in the year, breaching Uber, as detailed above, and Rockstar Games, as we’ll get to soon enough.

#5: 69 Million Accounts Exposed in Neopets Breach

On July 19, a hacker posted data on 69 million Neopets users for sale on an online forum. The leak included personal data such as name, email address, date of birth, zip code, and more, as well as 460 MB of compressed source code for the Neopets website. The Neopets team confirmed the data breach via Twitter.

Neopets has been breached numerous times over the years. Several hackers and Neopets users have accessed the source code as well as user databases. If you ever used Neopets, it may be wise to delete your account to protect your data from future data breaches.

#6: Over $30 Million Stolen in Crypto.com Breach

On January 17, hackers broke into 483 users’ wallets on Crypto.com and proceeded to make off with roughly $18 million in bitcoin and $15 million in ethereum, as well as other cryptocurrencies. It appears these hackers were able to bypass two-factor authentication and then access these users’ wallets.

Crypto.com initially downplayed the hack before confirming it a few days after it occurred. In response, they reimbursed all customers who lost cryptocurrency, and said they were auditing their systems and working to improve security.

#7: Up to 20 Million Plex Users Compromised

In August, Plex notified the majority of its roughly 20 million users that their account credentials had been compromised in a data breach. By Plex’s account, the hacker gained access to data including “emails, usernames, and encrypted passwords”, but no payment information. In response to the incident, Plex strengthened the algorithm that encrypts account passwords.

#8: Hacker Leaks Footage From Rockstar Games

On September 18, a hacker under the alias ‘teapotuberhacker’ leaked roughly 50 minutes of footage of Grand Theft Auto 6, an upcoming game produced by Rockstar Games. They apparently obtained the footage by gaining access to the company’s Slack, where they proceeded to download the video clips. Rockstar acknowledged the leak in a statement released on Twitter.

#9: Block Discloses Cash App Breach Affecting 8 Million Customers

In an April SEC filing, Block (the company formerly known as Square) acknowledged that Cash App had been breached by a former employee in December of 2021. The leak included customers’ names, brokerage account numbers, and other data, such as portfolio value and stock trading activity. Block has since contacted over 8 million customers to inform them about the incident.

#10: Hacker Posts Data on 5.4 Million Twitter Users for Sale

In July, a hacker under the alias ‘devil’ posted on BreachForums that they had obtained personal data on 5.4 million Twitter users, including email addresses and phone numbers. The hacker had apparently exploited a vulnerability to scrape this data from Twitter, and posted it for sale with an asking price north of $30,000.

The vulnerability was first identified in January 2022 by the white hat hacker Zhirinovskiy. Twitter apparently patched up the vulnerability – but on August 5th, they acknowledged that it played a part in the July data breach. They have since notified most of the accounts affected – though they also acknowledged that they could not confirm all of the accounts that were compromised in this breach.

More Notable Data Breaches — Including Social Security Numbers

The above breaches are the biggest of the year in terms of users affected, money stolen, and critical data implicated. But there are several notable smaller breaches – especially those in which social security numbers were compromised.

Up to 2 Million People Compromised in Shields Health Care Group Breach

In June 2022, the Massachusetts-based Shields Health Care Group disclosed that they detected a breach in March 2022. The records included names, social security numbers, medical records, and other sensitive personal information.

Though Shields Health Care Group asserted they found no evidence the stolen information had been used to commit identity theft or fraud, there is a very real possibility this information will be misused in the near future – if the hackers haven’t done so already.

1.8 Million People Exposed in Texas Department of Insurance Leak

In May 2022, a state audit revealed a data leak at the Texas Department of Insurance, compromising 1.8 million Texans. The data in question, including social security numbers and other sensitive personal information, was widely accessible on the department website from March 2019 to January 2022.

This issue was fixed shortly after it was identified in January. The state audit was completed in March, and only in May did it become known to the public. As far as the auditors could tell, this data was not accessed by unauthorized individuals.

1.5 Million People Compromised in Flagstar Bank Breach

In June 2022, Michigan-based Flagstar Bank notified customers of a data breach in which hackers stole the social security numbers of 1.5 million customers. The attack itself occurred in early December 2021, and Flagstar discovered the breach in early June 2022. In response, Flagstar notified law enforcement officials of the breach and hired a cybersecurity firm to help handle the incident.

About the Author

Michael X. Heiligenstein