The good news is that the rapid growth of breach costs that we saw between 2020 and 2021 has slowed. The bad news? The figures continue to increase and are at their historical high. Last year, that the average global cost of a single data breach was USD 4.35 million – a 2.6% increase from 2021 (compared to a whopping 10% increase the year before). 

The healthcare industry saw the highest cost per breach (USD 10.10 million), with finance and technology trailing quite a distance behind (USD 5–6 million).  

The main culprit? Phishing. Compromised business email, vulnerabilities in 3rd party software, and stolen credentials follow closely behind. These are all things that the right information security management system should be able to prevent.

Every year these “top breaches” lists are published to remind you that hackers continue to get better. All. The. Time. For organizations, that means that their cyber security needs to keep up. All. The. Time.

And if IBM knows what it’s talking about, for 83% of companies it’s only a matter of time before a breach happens. Not if, but when. (IBM’s Cost of a Data Breach Report 2022)

No matter if you are here trying to learn from these examples, or if you’re only after a bit of cyber drama, here are the unlucky top 6 organizations who learned the hard way in 2022.


#1 Costa Rica

Number of records leaked: 600 GB of government data
Main cause: ransomware

Two attacks, in April and May 2022, caused Costa Rica to declare a state of emergency. Attackers targeted Costa Rican government institutions, affecting at least 30 organizations, basically causing the country to come to a halt. 

Russian hackers were at the center of the cyber-attacks on Costa Rica, and they even called for Costa Rica’s government to be overthrown.

The data breach resulted in over 600 GB of confidential government data being leaked after Costa Rica declined to pay a ransom of USD 20 million.

The government was forced to shut down computer systems, wreaking havoc in every industry from healthcare to international trade. The government reported losses of USD 30 million per day and had to request international assistance in dealing with the cyber-attack.

Types of data exposed: 

  • Personal identification details
  • Tax returns
  • Company information
  • Medical information
  • Insurance information

#2 Optus

Number of records leaked: 11 million
Main cause: unprotected API

Optus, an Australian telecommunications company, suffered a major data breach in September 2022 that caused the details of 11 million customers to be stolen. Massive flaws in Optus’ cyber security led to Australia’s 2nd highest data breach in history.

A public-facing API was the culprit, allowing the system containing sensitive data to be accessed without a username or password. Optus also made it extra easy for the hackers to identify each customer by using poor customer identifiers that anyone who can do simple arithmetic could crack.

The hackers asked for a ransom not only from Optus, who refused, but they also contacted the individual customers whose details they stole.

Optus is working with the Australian Cyber Security Centre, Australian Federal Police and other national authorities to mitigate risks to customers. An investigation is underway.

Types of data exposed: 

  • Names
  • Dates of birth
  • Phone numbers
  • Email addresses
  • Home addresses
  • Driver’s license and/or passport numbers
  • Medicare ID numbers

#3 MediBank

Number of records leaked: 9.7 million
Main cause: compromised credentials

Medibank Private Ltd., one of the largest health insurance providers in Australia, took a big hit in October 2022. Hackers from Russia were able to steal data pertaining to nearly all of Medibank’s customer base – a total of 9.7 past and present customers, including 1.8 million international customers.

For some of those customers, entire health records were taken and were used as leverage to get Medibank to pay a ransom. They highlighted the so-called “naughty list”, which contained personal health information for those that have experienced drug and alcohol abuse, mental illness and pregnancy termination.

Medibank refused to pay the hackers, and the data files were released on the dark web.

An investigation was launched by Australian federal police, who are working with Russian authorities through Interpol to pursue the hackers. Medibank itself is under investigation to assess whether it took reasonable steps to protect its customers’ data and is facing high fines.

The data breach caused Medibank’s stock price to drop 14%.

Types of data exposed: 

  • Names
  • Dates of birth
  • Phone numbers
  • Email addresses
  • Gender
  • Health claims
  • Health provider names
  • Diagnoses
  • Contact details

#4 Ronin

Stolen: USD 625 million in cryptocurrency
Main cause: spear phishing

In the 2nd largest crypto hack in history, North Korean hackers managed to steal USD 625 million in cryptocurrency from the blockchain gaming platform Ronin through the game Axie Infinity.

After an advanced phishing scheme that used LinkedIn to compromise the computer of a senior employee of the game’s Vietnam-based developer, the hackers were eventually able to gain access to five of nine nodes used to validate financial transactions on the blockchain.

The FBI and the U.S. Treasury Department's Office of Foreign Assets Control are involved in the investigation.


#5 TransUnion

Number of records leaked: 5.5 million
Main cause: compromised client credentials

South African credit reporting agency TransUnion was targeted by Brazilian hackers in September 2022. In a somewhat entertaining brute force attack, a client’s account was used to access the TransUnion server by guessing the password “password”.

It isn’t clear exactly how many records were leaked, but the numbers are in the millions and allegedly also include client data from major South African banks, insurers, and car manufacturers. Exposed persons could include politicians, judges, police and their family members.

TransUnion was criticized for their inadequate response to the cyber-attack by South Africa’s Information Regulator and is under investigation.

When a similar breach of a different credit company happened a couple of years ago, the South African Fraud Prevention Service reported a big surge in fraud across the country. Cybersecurity experts warn of similar consequences to the TransUnion breach.

Types of data exposed:

  • Names
  • Addresses
  • Telephone numbers
  • Social Security numbers
  • Account numbers
  • Driver’s license information

#6 Cash App

Number of records leaked: 8 million
Main cause: insider threat

In April 2022, financial services giant Block, the company behind Cash App, filed a report with the U.S. Securities and Exchange Commission stating customer data had been compromised.

The data breach was carried out by Cash App’s former employee as revenge for their termination. The employee’s access to client reports was not revoked by the company after they left Cash App, which turned out to be a huge security oversight.

Luckily, the reports that were downloaded didn’t include other sensitive data such as passwords, account information or Social Security Numbers. The leaked data on its own shouldn’t pose a big threat to Cash App’s customers, but it was recommended that users update their passwords and enable two-factor authentication.

Cash App is working with law enforcement and is monitoring the situation. Hopefully they learned a thing or two and are updating procedures in their information security management system.

Types of data exposed:

  • Names
  • Portfolio values
  • Stock trading information
  • Brokerage account numbers

How organizations can reduce the costs of data breaches

The human factor is involved in 82% of data breaches (Verizon's 2022 Data Breaches Investigations Report). When it comes to minimizing damage caused by data breaches, time, prevention and response strategies are of the essence.

  • Organizations using DLP automation are able to identify and contain breaches much faster than those that do not, saving an average of USD 3 million per breach.
  • A detailed incident response plan in place can further reduce the cost of a cyber-attack by USD 2.6 million.
  • Another layer of protection can be provided by implementing a Zero Trust security strategy, reducing the cost to organizations by USD 1.7 million more per breach.

(Data from IBM’s Cost of a Data Breach 2022)

At Safetica, we help all companies, large and small, from various sectors to protect their data.


    Talk to us



    Author
    Kristýna Svobodová
    Content Strategist @Safetica

    Next articles

    Data Encryption: How It Works and Why Your Business Needs It

    This article breaks down the essentials of data encryption in a straightforward, easy-to-understand way. You'll learn how encryption works, the key algorithms like AES and RSA, and how to apply these tools to secure your organization’s data—whether it's stored on your servers or in transit across networks.

    Strengthening Data Loss Prevention (DLP) in AWS

    A comprehensive guide to Data Loss Prevention (DLP) in Amazon Web Services (AWS), outlining key features and strategies for protecting sensitive data. Explore how integrating Safetica can enhance AWS's native DLP capabilities.

    7 Insider Risk Management Strategies for a Mid-Size Enterprise

    In this guide, we're breaking down insider risk management specifically for SMBs, giving you practical strategies and actionable tips that’ll help sooth your concerns.