Recent Data Breaches – 2023

A string of high-profile data breaches came to light in February, including attacks on the U.S. Marshals Service, Activision, and more. So far in March, AT&T notified 9 million customers that their data had been exposed, and a ransomware group claimed to have stolen data pertaining to Amazon Ring.

Below, you’ll find an overview of the latest data breaches, starting with the most recent.

March 2023: Ransomware Group Claims to Have Amazon Ring Data

On March 13, a ransomware group called ALPHV claimed on the darkweb that they had breached Ring, Amazon’s doorbell security company. An Amazon spokesperson said that they had “no indications that Ring experienced a Ransomware event,” and in another statement noted that third-party vendor may have experienced a breach.

While it is possible this ransomware group has data pertaining to Ring customers, we have found no other evidence so far that would substantiate a data breach of Amazon Ring.

March 2023: AT&T Customer Data Exposed Following Attack on Vendor

In March, AT&T notified roughly 9 million customers that their data had been compromised following an attack on a third-party vendor. AT&T described the exposed data as “Customer Proprietary Network Information,” including data on customers’ wireless plans and payment amounts. According to AT&T, sensitive personal or financial information was not exposed in the attack.

March 2023: Congress Members’ Data Exposed in DC Health Link Breach

On March 8, thousands of U.S. lawmakers and government employees were notified that their sensitive data may have been exposed in a breach on DC Health Link, a health insurance provider for Congress.

By then, the data had already been posted for sale on Breached Forums. Capitol Police stated that they were working with the FBI to investigate the incident.

February 2023: U.S. Marshals Service Discloses Data Breach

On February 27, U.S. law enforcement officials acknowledged that the U.S. Marshals Service discovered a data breach and ransomware attack on February 17. A spokesperson said that the leaked data included “returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”

According to the USMS, data pertaining to the witness protection program was not implicated in the attack. An investigation is still ongoing.

February 2023: Activision Data Breach Comes to Light

On February 21, Activision acknowledged that they suffered a data breach in December 2022, after a hacker tricked an employee via an SMS phishing attack. According to one source, the hacker gained access to the Slack account of an HR employee, as well as data such as email addresses, phone numbers, and salaries of Activision employees. The data also included a release calendar of upcoming games, but does not appear to have contained any source code or customer data.

Activision did not inform anyone of the breach at the time, and only acknowledged the breach after the security research group vx-underground brought it to light on Twitter.

February 2023: Pepsi Bottling Ventures Exposed in Malware Attack

In February 2023, Pepsi Bottling Ventures filed a security incident notice acknowledging that they had experienced a malware attack on December 23, 2022, and discovered the breach on January 10. Stolen data apparently includes personal information, such as social security numbers and login credentials, but it is unclear whether this information pertains to customers or to employees.

It is also unclear if PepsiCo was affected by the breach. Pepsi Bottling Ventures is the largest bottler of Pepsi in the United States, but they are a distinct company from PepsiCo itself.

February 2023: 3.3 Million Patients Exposed in Heritage Provider Network Breach

In February, the California-based Heritage Provider Network disclosed to patients that they had suffered a ransomware attack on December 1. Over 3 million patients’ data was exposed in the leak, including social security numbers, medical records, and other highly sensitive information.

Since this disclosure, several class action lawsuits have been filed against Heritage Provider Network and its partners.

February 2023: Over 130 Companies Implicated in GoAnywhere Attacks

On February 1, Fortra disclosed to its customers that hackers had exploited a zero-day exploit on their GoAnywhere MFT file transfer tool. Several days later, the Clop ransomware group claimed credit for using this exploit to breach over 130 companies that had used the tool in question.

Among the companies affected was Community Health Systems, which operates over 1,000 healthcare sites across the United States. In an SEC filing on February 13, the company estimated that personal information pertaining to roughly 1 million people had been exposed in the data breach.

January 2023: PeopleConnect Data on 20 Million Customers Posted to Hacker Forum

On January 21, a hacker publicly posted data pertaining to InstantCheckMate and TruthFinder, two popular background check services owned by PeopleConnect. This data included records on over 20 million customers, and was apparently lifted from a backup file dating to 2019.

January 2023: T-Mobile Discloses Data Breach Affecting 37 Million Customers

On January 19, T-Mobile disclosed that a cyberattacker stole personal data pertaining to 37 million customers. T-Mobile said the breach only included “a limited set of customer account data,” though it included names, addresses, phone numbers, account numbers, and more.

This incident occurred in November 2022. T-Mobile detected the breach on January 5, 2023, after which they quickly shut down the vulnerability in question and launched an investigation into the incident.

Following the incident, Google notified Google Fi customers that their data was also implicated in this breach. Other Google services were not affected by this attack.

January 2023: No Fly List Leaks Over Unsecured Server

On January 19, a Swiss hacker under the alias ‘maia arson crimew’ reported that she had accessed a 2019 version of the No Fly List, in the form of a CSV file containing over 1.5 million names. By her account, she found the file on an exposed server belonging to a regional airline, CommuteAir.

The hacker has not disclosed this information publicly, though she has shared it selectively with journalists, human rights organizations, and “other part[ies] with legitimate interest.” TSA and CommuteAir have both released statements that they are investigating the incident.

January 2023: Paypal Reports Credential Stuffing Attack

On January 19, Paypal sent out data breach notifications to nearly 35,000 customers whose accounts had been improperly accessed. This incident was a credential stuffing attack, in which the hacker leveraged passwords and other data that had been exposed in prior incidents involving other services.

This is a case example of why you should not reuse passwords. If you use the same password across multiple websites, an attacker that steals your password in one data breach (or finds it on the darkweb) can then use across any account that uses the same login credentials.

January 2023: Norton LifeLock Warns Customers of Credential Stuffing Attack

In mid-January, Gen Digital, the parent company of Norton LifeLock, sent out notices to users warning of a credential stuffing account, in which a hacker breaks into users’ accounts via credentials found or purchased on the darkweb.

Gen Digital detected the attack after noting “an unusually large volume” of failed login attempts on December 12. By their accout, they have notified some 6,450 users who may have been affected.

January 2023: Mailchimp Discloses Social Engineering Attack

On January 11, Mailchimp detected a social engineering attack in which a hacker tricked an employee into giving away their account credentials. They proceeded to access 133 user accounts. Mailchimp proceeded to shut down the attack and alert their users that may have been affected.

January 2023: Database of Over 200m Twitter Users Goes Public

Following a string of ransom attempts and leaks, a trove of data on over 200 million Twitter users circulated among hackers in December 2022, and was published in full on BreachForums on January 4th. This data includes email addresses, names, and usernames, but does not appear to include passwords or other highly sensitive data.

This data was originally scraped by exploiting an API vulnerability that was exposed from June 2021 to January 2022. This vulnerability was exploited repeatedly by different hacker, and resulted in multiple ransomware attempts and leaks in the latter half of 2022. Most recently, a hacker known as Ryushi attempted to ransom the data for $200,000 in late December.

Some reports have pegged the number of compromised accounts as high as 400 million, but after removing duplicates, the final number appears close to 210 million. It does include data on a number of high-profile accounts, such as those of Alexandria Ocasio-Cortez, Donald Trump Jr, and Mark Cuban.

That’s it for 2023 — so far. Below you’ll find recent breaches from 2022. You can also see here for the biggest breaches of 2022.

December 2022: Slack Code Repositories Compromised

On December 29, Slack disclosed that their private code repositories on GitHub had been hacked into. The attacker used stolen employee credentials to break in and proceeded to download some of Slack’s code. It does not appear any customer data was compromised in this breach.

December 2022: LastPass Discloses Password Database Breach

On December 22nd, LastPass updated a blog post with new information regarding a breach that occurred in August 2022. It now appears that customer data was implicated in the breach — specifically, a database of encrypted password vaults. Apparently, the attacker used data obtained in the August breach to compromise another employee and obtain the access credentials that enabled them to break into the the password database.

Just because the hackers have the encrypted vaults does not mean they know the passwords themselves. It would be very difficult — but not strictly impossible — for these hackers to crack the encryption and access the passwords themselves. Granted, it’s never a bad idea to change your passwords, especially in the wake of a data breach such as this one.

December 2022: Okta Source Code Stolen in GitHub Breach

On December 21st, Okta announced in a blog post that their source code repositories were compromised in an attack on GitHub. It is not clear how the attacker broke in. Fortunately, it does not appear that customer data was implicated in the breach. This is the third Okta breach so far this year, following significant incidents in March and August.

December 2022: Uber Data Stolen in Attack on Third-Party Vendor

On December 10th, a new trove of Uber data surfaced on Breached forums. This haul included personally identifiable information pertaining to 77,000 Uber employees, as well as internal reports and possibly even source code. The data was apparently compromised in an attack on Teqtivity, a third-party vendor.

Uber confirmed that the breach was unrelated to the Uber breach that happened in September 2022, and stated that the source code implicated in the breach did not belong to Uber. Teqtivity also acknowledged the breach and notified those affected. At this time, it does not appear that any Uber customer data was stolen in this data breach.

November 2022: Hacker Publishes Data on 5.4 Million Twitter Users

On November 24th, a hacker published data including email addresses and phone numbers of 5.4 million Twitter users on a hacker forum. This hacker had exploited an API vulnerability in late 2021 to scrape this data, and attempted to sell it for $30,000 in July 2022.

Apparently, the data in question was not that valuable. As mentioned, it only included emails and phone numbers, though the hacker in question did note that “celebrities and OGs” were implicated in the breach.

But those 5.4 million users might not be the only ones affected. On November 25th, security expert Chad Loder posted on Mastodon that another breach may have happened in 2021 using a similar exploit, implicating at least 1.3 million French Twitter users.

November 2022: Ransomware Hacker Steals Medibank Data on 9.7m Customers

On November 7th, an unidentified hacking group publicly threatened Medibank, the largest health insurance provider in Australia. Claiming to possess data on 9.7 million current and former customers, the hacker said they would publish the data within 24 hours if their demands were not met. Medibank confirmed that nearly 500,000 health claims had also been unlawfully accessed in the breach.

Medibank ultimately refused to pay the ransom, causing the attackers to leak patient information on the darkweb. Although the attackers have not been officially identified, cybersecurity experts believe they were affiliated with the Russian ransomware group REvil.

October 2022: 2.4 Terabytes of Data Exposed on Microsoft Server

On October 19th, security firm SOCRadar identified over 2.4 terabytes of exposed data on a misconfigured Microsoft endpoint. By SOCRadar’s account, this data pertained to over 65,000 companies and 548,000 users, and included customer emails, project information, and signed documents.

Microsoft acknowledged the data leak in a blog post. They also said they had secured the endpoint and notified the accounts that had been compromised, and elaborated that they found no evidence customer accounts had actually been compromised — only exposed. Microsoft also disputed some key details of SOCRadar’s findings:

After reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue.  Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users. We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.

Read more in our complete timeline of Microsoft data breaches.

September 2022: Kiwi Farms Breached

On September 19, the owner of harassment forum Kiwi Farms acknowledged that the site had been hacked. Per his description, user’s passwords, emails, and IP addresses were exposed in the incident. In this case, it appears the hacker used session hijacking to steal the administrator credentials to the website.

September 2022: American Airlines Discloses Data Breach

On September 16, American Airlines notified customers and legal officials that they had discovered a breach in July of 2022. American Airlines has described the number of people affected as “very small”; per one legal filing, it would appear 1,708 customers and employees’ data exposed in the incident. The breach appears to have been the result of a phishing attack.

September 2022: Hacker Breaches Rockstar Games, Leaks GTA6 Footage

On September 18, a hacker under the alias ‘teapotuberhacker’ leaked roughly 50 minutes of footage of Grand Theft Auto 6, an upcoming game produced by Rockstar Games. They apparently obtained the footage by gaining access to the company’s Slack, where they proceeded to download the video clips. Rockstar acknowledged the leak in a statement released on Twitter.

The same hacker, who appears to be affiliated with the Lapsus$ group, managed to breach Uber in the same week — read on.

September 2022: Lapsus$-Affiliated Hacker Compromises Uber

On September 15, a hacker announced in Uber’s private Slack channel that he had breached the company. One security engineer described it to the New York Times as “a total compromise”, and stated that “They pretty much have full access to Uber.” Uber’s source code, internal databases, communication channels, and more were all compromised in the breach.

This appears to have been a social engineering attack. The hacker, who uses the alias ‘teapotuberhacker,’ was able to successfully get past multi-factor authentication by repeatedly spamming an Uber employee with requests to grant access, claiming to be an IT worker. This same hacker has also claimed credit for the Rockstar Games breach.

In a statement released September 17th, Uber said they had found “no evidence that the incident involved access to sensitive user data (like trip history).” Uber has linked this breach to the Lapsus$ group, which has compromised companies such as Nvidia, Samsung, and Microsoft.

September 2022: U-Haul Discloses Data Breach Including Driver’s License Numbers

On September 12, U-Haul notified customers that they had detected a breach that included customers’ names and driver’s license numbers — but not any credit card information. Apparently, the attackers had access to U-Haul’s rental contracts portal from November 2021 to April 2022. U-Haul discovered the breach in July, and, after investigating the incident, disclosed it in September.

September 2022: Alleged TikTok Breach Appears to Be False Alarm

On September 3rd, a hacker going by the alias “AgainstTheWest” claimed to have breached TikTok on Breach Forums. However, TikTok has disputed the breach, stating that “We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases.”

They aren’t the only ones to dispute this hacker’s claims. Troy Hunt, creator of Have I Been Pwned, investigated the data and deemed it “inconclusive”. And the owner of Breach Forums, the hacker “pompurin”, banned AgainstTheWest for lying about multiple data breaches:

Please note that the breach is not from TikTok, and that he most likely was lying or didn’t even investigate it before making such outrageous claims. AgainstTheWest has had a long history of lying about breaches or other things (Saying he’s a State sponsored hacking group… lol) and this was just the tipping point.

As far as we can tell, the hacker scraped publicly available information from TikTok. But TikTok itself does not appear to have been hacked, and private data does not seem to have been leaked.

August 2022: 130+ Companies Compromised in 0ktapus Phishing Breach

On August 25, the cybersecurity company Group-IB published a report detailing a months-long phishing campaign that has compromised at least 130 companies, including Cloudflare, Doordash, Mailchimp, and Twilio.

The attackers, whom researchers have given the moniker ‘0ktapus’, executed their attack primarily by imitating the authentication service Okta. Via text message, they would direct their targets to a fake authentication page, where the victims would then enter their login credentials, giving the attackers access to their account.

These attackers have often used one compromised service to breach another. They leveraged their access to Twilio’s phone number verification services, for instance, to attempt to compromise 1,900 Signal users.

Money would appear to be the motive behind these attacks; Group-IB noted that many of the companies targeted were financial, providing crypto and investment services.

August 2022: Plex Notifies Users of Data Breach

On August 23, streaming platform Plex notified its users of a data breach and urged them to change passwords. By Plex’s account, the hacker gained access to data including “emails, usernames, and encrypted passwords”, but no payment information. In response the incident, Plex strengthened the algorithm that encrypts account passwords.

August 2022: Apple Identifies and Patches Two Security Vulnerabilities

On August 17, Apple released an update to shore up iOS, iPadOS, and macOS against two security vulnerabilities: one in WebKit, which underpins Safari and other apps, and another in the kernel of the operating system itself.

Per Apple, the Webkit vulnerability could allow malicious web pages to execute code on the device. The operating system vulnerability could allow a malicious app “to execute arbitrary code with kernel privileges”, giving it broad power over the infected device. Apple acknowledged they were “aware of a report this issue may have been actively exploited” by malicious actors, but did not go into greater detail.

Fortunately, it appears the fix is already available. To ensure your devices are secure, go into your settings, check for updates, and update your device if necessary.

For more on Apple security breaches, see our complete timeline.

August 2022: Cisco Shares Report on VPN Breach

On August 10th, Cisco shared its report on a breach that occurred to their network on in May 2022. The attackers gained access to the Cisco VPN via a combination of compromised employee credentials, vishing, and MFA fatigue attacks.

Once they had access, the attackers began preparing for a ransomware attack — but Cisco’s engineers were able to stop them before they could go any further, limiting the scope of this breach. In September, Cisco noted in an update that the attacker may have ties to the Lapsus$, Yanluowang, and UNC2447 attacker groups.

August 2022: QuestionPro Extortion Attempt Goes Public

In May 2022, a hacker under the alias “pompompurin” contacted QuestionPro in an extortion attempt, claiming he had stolen 22 million email addresses and other data from the company. This hacker asked for payment in the form of Bitcoin – but QuestionPro refused his demands.

After QuestionPro declined to pay him, “pompompurin” informed Have I Been Pwned of the breach in August 2022 . So far, QuestionPro has not confirmed whether the breach happened. This hacker has previously pulled off attacks on the FBI and Robinhood, so it is possible he was able to breach QuestionPro.

July 2022: Hacker Posts Data on 5.4 Million Twitter Users For Sale

On July 21st, 2022, a hacker under the alias ‘devil’ posted on BreachForums that they had obtained personal data on 5.4 million Twitter users, including email addresses and phone numbers. The hacker had apparently exploited a vulnerability to scrape this data from Twitter, and posted it for sale with an asking price north of $30,000.

The vulnerability was first identified in January 2022 by the white hat hacker Zhirinovskiy. Twitter apparently patched up the vulnerability – but on August 5th, they acknowledged that it played a part in the July data breach:

In January 2022, we received a report through our bug bounty program of a vulnerability in Twitter’s systems. As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any. This bug resulted from an update to our code in June 2021. When we learned about this, we immediately investigated and fixed it. At that time, we had no evidence to suggest someone had taken advantage of the vulnerability. 

In July 2022, we learned through a press report that someone had potentially leveraged this and was offering to sell the information they had compiled. After reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed.

Twitter has notified most of the accounts affected – though they also acknowledged that they could not confirm all of the accounts that were compromised in this data breach.

July 2022: Neopets Data Breach Exposes Data on 69 Million Accounts

On July 19, 2022, a hacker posted data on 69 million Neopets users for sale on an online forum. The leak included personal data such as name, email address, date of birth, zip code, and more, as well as 460 MB of compressed source code for the Neopets website. The Neopets team confirmed the data breach via Twitter.

Neopets has been breached numerous times over the years. Several hackers and Neopets users have accessed the source code as well as user databases. If you ever used Neopets, it may be wise to delete your account to protect your data from future data breaches.

July 2022: Marriott Confirms 20 GB Data Breach

In July 2022, Marriott International confirmed that hackers had stolen 20 gigabytes of sensitive data in June 2022. The breach apparently resulted form a social engineering attack, in which an anonymous hacking group tricked an employee into granting them access.

Marriott stated that the hacking group in question only obtained access to a single employee’s computer, and asserted that the scope of the breach was limited. The stolen data included internal business documents, flight information, and corporate credit card numbers.

Following the incident, Marriott said they would notify the 300-400 individuals whose data was implicated in the breach.

June 2022: Up to 2 Million Affected By Shields Health Care Group Breach

In June 2022, the Massachusetts-based Shields Health Care Group disclosed that they detected a breach in March 2022. The records included names, social security numbers, medical records, and other sensitive personal information.

Though Shields Health Care Group asserted they found no evidence the stolen information had been used to commit identity theft or fraud, there is a very real possible this information will be misused in the near future – if the hackers haven’t done so already.

June 2022: Flagstar Bank Notifies Customers of Breach Affecting 1.5m

In June 2022, Michigan-based Flagstar Bank notified customers of a data breach in which hackers stole the social security numbers of 1.5 million customers. The attack itself occurred in early December 2021, and Flagstar discovered the breach in early June 2022. In response, Flagstar notified law enforcement officials of the breach and hired a cybersecurity firm to help handle the incident.

June 2022: Former Amazon Employee Convicted for Capital One Breach

In June 2022, former Amazon employee Paige Thompson was convicted for her role in the 2019 Capital One breach. While working for Amazon Web Services, Thompson exploited her knowledge of cloud server vulnerabilities at Capital One and more than 30 other companies. All told, Thompson stole the personal information of over 100 million people, including names, dates-of-birth, and social security numbers.

The defense portrayed Thompson as an ethical hacker seeking to notify companies of vulnerabilities before bad actors could exploit them. The U.S. Department of Justice argued otherwise, noting that Thompson failed to notify the companies she breached, bragged about the incident on hacker forums under the alias “erratic”, and profited from the breach by installing cryptomining software on many of the servers she hacked. As assistant U.S. attorney Andrew Friedman put it in his closing arguments, “She wanted data, she wanted money, and she wanted to brag.”

After ten hours of deliberation, a Seattle jury found Thompson guilty of wire fraud, as well as five counts of unauthorized access to a protected computer and damaging a protected computer. They found her not guilty of access device fraud and aggravated identity theft. Thompson could face up to 45 years in prison.

Not that Capital One got off easy. Finding their security practices lacking, the Office of the Comptroller of Currency fined Capital One for $80 million, and the company paid out an additional $190 million settlement in a class action lawsuit.

May 2022: Texas Department of Insurance Data Leak Comes to Light

In May 2022, a state audit revealed a data leak at the Texas Department of Insurance, compromising 1.8 million Texans. The data in question, including social security numbers and other sensitive personal information, was widely accessible on the department website from March 2019 to January 2022.

This issue was fixed shortly after it was identified in January. The state audit was completed in March, and only in May did it become known to the public. As far as the auditors could tell, this data was not accessed by unauthorized individuals.

April 2022: Block Confirms Cash App Data Breach

In an SEC filing made on April 4, Block (the company formerly known as Square) acknowledged that Cash App had been breached by a former employee in December of 2021. The leak included customers’ names, brokerage account numbers, and other data, such as portfolio value and stock trading activity.

Block has not been forthcoming about how many customers were affected in total, but the company is contacting over 8 million customers to inform them about the incident. Based on what they’ve said so far, no other personally identifiable information or account credentials were leaked in the incident.

March 2022: Microsoft Breached by Lapsus$ Hacker Group

On March 20, 2022, the hacker group Lapsus$ posted a screenshot to their Telegram channel indicating that they had breached Microsoft. The screenshot was taken within Azure DevOps, a collaboration software created by Microsoft, and indicated that Bing, Cortana, and other projects had been compromised in the breach.

On March 22, Microsoft issued a statement confirming that the attacks had occurred. In it, they asserted that no customer data had been compromised; per Microsoft’s description, only a single account was hijacked, and the company’s security team was able to stop the attack before Lapsus$ could infiltrate any deeper into their organization.

In their statement, Microsoft’s security team described Lapsus$ as “a large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.” They go on to describe the group’s tactics in great detail, indicating that Microsoft had been studying Lapsus$ carefully before the incident occurred.

For their part, Lapsus$ has repeatedly stated that their motivations are purely financial: “Remember: The only goal is money, our reasons are not political.” They appear to exploit insider threats, and recently posted a notice asking tech workers to compromise their employers.

March 2022: Lapsus$ Group Breaches Authentication Company Okta

On March 21, Lapsus$ posted on Telegram that they had breached Okta, an authentication company. The following day, Okta acknowledged the breach and stated that approximately 2.5% of their customers had been exposed in the incident. Per Okta’s description, Lapsus$ infiltrated their company via a third-party customer support provider.

On Telegram, Lapsus$ disputed many points Okta made in their blog post, and fiercely criticized Okta’s security practices, in a number of points such as the following:

For a company that supports Zero-Trust. Support Engineers seem to have excessive access to Slack? 8.6k channels? (You may want to search AKIA* on your Slack, rather a bad security practice to store AWS keys in Slack channels 😉)

March 2022: Ronin Network Breached in $540 million Crypto Heist

On March 23, a group of hackers exploited a security vulnerablity to loot $540 million in cryptocurrency from the Ronin Network. Most of that money was stolen from Axie Infinity, a popular game that uses cryptocurrency and NFTs. The hackers in question appear to have ties to North Korea.

February 2022: Ottawa Freedom Convoy Donors Leaked via Christian Fundraising Platform

In February 2022, hackers hijacked GiveSendGo, a Christian fundraising website. They redirected the site to a page condemning the Canadian Freedom Convoy protestors, and posted personal details on the 90,000 people who had donated to the Freedom Convoy via the website.

January 2022: Over $30 Million Looted in Breach

On January 17, 2022, hackers broke into 483 users’ wallets on, and proceeded to make off with roughly $18 million in bitcoin and $15 million in ethereum, as well as other cryptocurrencies. It appears these hackers were able to bypass two-factor authentication, and then access these users’ wallets.

Immediately following the breach, described the event as an “incident”, not a hack, and reported that no users’ currencies had been stolen. A few days later, they clarified that money had been stolen in the hack, and stated that they had reimbursed the affected users. They also said they had audited their systems and were working to improve their security.


That wraps our timeline of the most recent data breaches. For more, see our data breaches timeline for 2021. You can also see here for the biggest breaches of 2022.

About the Author

Find Michael on LinkedIn

Michael X. Heiligenstein

Michael X. Heiligenstein is the founder and editor-in-chief of the Firewall Times. He has six years of experience in online publishing and marketing. Before founding the Firewall Times, he was Vice President of SEO at Fit Small Business, a website devoted to helping small business owners. He graduated from the University of Virginia with a degree in English and History.

6 thoughts on “Recent Data Breaches – 2023”

  1. Technology companies need to be held responsible for the security of their customers’ sensitive information at a higher standard than what they are held at now. Too many breaches and their apologies aren’t stopping these criminal activities that drastically affect the customer’s life in general. Perpetual harassment, hacking, spoofing, more of the customer’s personal information are constantly being exposed unknowing to the customer because some of these companies would rather lie about the breached that happened, rather than to immediately informed all of its customers to take precautive measures. This will helped the customer to become more aware of his or her vulnerabilities that they are presently faced with. Money to these companies means more than their customers’ privacy. They don’t have a problem raising prices for telephones and services render, and getting the information out to the public with adequate advertising. Why cannot these companies do the same thing informing their customers that their sensitive information and privacy have been breached, hacked, stolen. These companies had enough money to provide much, much better security. No, they don’t do that because the customer/s now have to spend money for personal protection because of these companies irresponsibility. How are these techs being trained to protect the companies at large and their customers. If your company has been hacked, data breached, SSN and Driver’s license stolen, then these companies need to used a different method of securing individuals’ sensitive personal information. Your SSN that’s all a toxic employees/individuals need to destroy another person, especially if that person is well advance in life. All they can do to poor people who has no money is to constantly harassed, violate the first amendment rights by bugging and blocking cellular phone usage, etc. If these companies would come together instead of undermining each other, put their minds together, you all would be able to solve or diminish the majority of these hacking and breached attacks. Your companies wouldn’t be losing customers, but gaining security power to overcome the negativity and devices being used to infiltrate your companies on a daily, monthly, and yearly basis. You would have less class actions suit, less disgruntle customers and more security. If these toxic individuals are working together, why not work together to defeat their intrusive behaviors. One stands alone, the company pays a hefty price. Companies come together and work closely with each other…strength in defeating this culprit of mass destruction called spyware, spam ware, hacking and hackers would be eliminated. A sure success to annihilate this enemy at its core would take place. A process but coming together and working as a team would alleviate the majority of your problems. The next thing is to stop out sourcing your work to these foreign countries, who is using your own information against your computer. The majority of these leaks and breaches have to come from someone who knows how to access your company’s information. When any employees leave or are dismissed… everything password, sensitive coding that they have access to should be changed immediately. If you don’t have an employee trained for that specific purpose, train one. Information in these technological companies shouldn’t be breached or hacked into that easily. SSN is numbers are the gateway to every aspect of an individual’s life… that’s all it takes to destroy an innocent customer’s life as a whole….and these breached, hacks aren’t being taken as seriously as they should. One time is too many lives being put in dangerous situations, especially those that are elderly and cannot defend themselves because of irresponsibility of these companies that vouched to secure their personal and sensitive information. I have been going through this invasion of privacy and intrusion of my home security at the expense of these so-called breaches, hacks, etc. Been threatened to be placed on the Dark Web..I didn’t have no idea what the dark web was….do remember, every one suffers from your company’s negligence including me, the customer.

  2. I went on ,y Facebook page September 14, 2022 and when I tried to log out it will not let me do it on my iPad and cellphone. I’ve read and tried the information that Facebook said to do and nothing. I would like to know if I can fix it or if someone at Facebook can help.

  3. State depts and central management systems play a huge part in the leaks and breaches. Kronos is a good example of how so called middleware and partnerships with third party systems integrators can cause havoc on ordinary working citizens. Unfortunately, media and news fail to cover and release the real news and cover up a lot for certain orgs.

  4. I have dedicated my time to do these although am not supposed to be doing but the laudable job Henry did for me worth more than what i paid for,l have never dream of getting my husband phone call details and receiving his whatsapp and text messages(not even anytime soon).The day i started receiving all his messages that was the day l promised to come back to where l saw recommendation about him and join the good people to spread and share my experience. Married women pls contact him via email: and you can text, call him on whatsapp him on +12014305865, or +17736092741, and be saved from the bondage subjected by those selfish men.

  5. I’m excited to write about Henry Hacker, he is a great and brilliant hacker who penetrated my spouse’s phone without a physical installation app. And I was able to access my spouse’s phone, SMS, Whatsapp, Instagram, Facebook, Wechat, Snapchat, Call Logs, Kik, Twitter and all social media. The most amazing thing there is that he restores all phone deleted text messages. And I also have access to everything including the phone gallery without touching the phone.I can see the whole secret of my spouse. Contact him for any hacking service. He is also a genius in repairing Credit Score, increasing school grade, Clear Criminal Record etc. His service is fast. Contact:, and you can text, call him on whatsapp him on +12014305865, or +17736092741..


Leave a Comment