Data breaches continued to affect all types of companies in 2022, and the average cost of these breaches was $4.35 million. The reputational damage caused by data breaches is also huge, and can be hard to recover from.
Here are seven of the biggest data breaches from the last 12 months in terms of the volume of data:
7. Optus: 11 million customers
This data breach in September meant hackers got access to sensitive customer information including passport numbers and Medicare ID numbers. The Australian government has since said that Optus should pay for customers’ passport renewals.
6. SuperVPN, GeckoVPN and ChatVPN: 21 million users
A hack on these widely-used Android VPN services meant users had information, including usernames, country names, billing details, email addresses and randomly generated password strings, stolen.
5. National Registration Department of Malaysia: 22.5 million citizens
A group of hackers claimed to have accessed the myIDENTITI API, a database that lets government agencies like the National Registration Department access information about Malaysian citizens.
4. Shein: 39 million customers
This data breach originally took place in 2018, but it hit the news again last year when the State of New York fined Shein’s owner, Zoetop, $1.9m for failing to disclose the breach. It was made worse by them only contacting 6.4 million out of the 30 million customers affected to request they change their passwords.
3. Uber: 57 million users
Again, this is another cover-up of an old data breach that happened in 2016. Uber initially paid the hackers $100K to make sure the breach wasn’t made public. Their former chief of security is now the first executive to face criminal prosecution for charges relating to data breaches due to his attempts to cover them up.
2. NeoPets: 69 million users
In July, a database of user information including email addresses, zip codes and birth dates, collected over 18 months from January 2021, was made available for sale on an internet forum.
1. Whatsapp: 487 million users
In November a hacker claimed to have up-to-date information of almost 500 million users from 84 countries. CyberNews looked into this data and was able to confirm that 1,914 phone numbers were WhatsApp users, which suggests the claims are true.