According to the Identity Theft Resource Center, the first quarter (Q1) of 2022, saw 404 publicly reported data breaches that affected over 20 million records, leaving organizations worldwide scrambling to improve their security measures. That’s a staggering number, an increase of 14%, and it will only get worse in the remaining quarters of 2022.
These attacks have shown us how vulnerable our data is and how important it is to take steps to protect ourselves. In this blog post, we’ll look at the top three data breaches of 2022 and what we can learn from them. We’ll also discuss how PreEmptive can help you protect your applications and make them more resistant and resilient to hacking and tampering, protecting intellectual property, sensitive data, and revenue. Stay safe out there!
Data breaches are never a good thing; we’ve had some serious ones in the last few years. From Equifax to Facebook, they all share one thing: your personal information! But something about someone accessing your information without authorization can make you feel unsafe, especially if it’s personal data like passwords or credit card numbers! These past few years have seen some major incidents in this field. Here is an updated list for 2022:
In Texas, the Department of Insurance (TDI) announced that their web application, which manages workers’ compensation information, had encountered a security issue. Their investigation and audit report revealed that 1.8 million Texans’ data might have been exposed to the public for almost three years, from March 2019 to January 2022 inclusive!
Personal data breached included victims’ names, phone numbers, Social Security numbers, addresses, birthdates, and injury information, among others. The TDI attributed this breach to improper coding where someone exploited an injection point within programming codes that granted them internet privileges to unauthorized areas of their application.
TDI did more than fix the problem. In an effort to restore trust with those affected by this unfortunate event, they restored their online web application and offered 12 months of free credit monitoring services for those whose compensation claims had been leaked to the public. In addition, TDI reviewed all security measures as well as policies and procedures within the company to enhance current protection methods against any future cyberattacks.
This breach highlights the importance of implementing strong security measures, such as two-factor authentication and training employees on how to spot phishing attempts. It also highlights the importance of having a plan for what to do in the event of a data breach.
The global automotive manufacturer Toyota was forced to suspend its operations in 14 factories following a suspected cyberattack. A spokesperson for the company said that they believed it was an issue with one of their suppliers, a plastic parts and electronics supplier called Kojima, who had vulnerabilities on their end. According to Kojima, an error message in one of their servers had suggested potential data theft attempts by hackers.
The recent cyberattack on Toyota left the company frustrated and vulnerable. The loss of the output of 13,000 vehicles is unprecedented for them! The reason behind these criminal acts and motive remains unclear, but we know that it has drastically affected business operations and customer trust.
This breach highlights the importance of keeping your systems up to date with the latest security patches. It also underscores the importance of having a robust security plan that includes incident response and data loss prevention.
In January, the Washington State Department of Licensing (DOL) revealed that a suspected data breach could have disclosed the personal information of over 250,000 professional licenses. Following investigations assisted by the Washington Office of Cybersecurity, it appears hackers stole sensitive personal data, social security numbers, license numbers, and dates of birth of approximately 650,000 professionals and business owners – current and former. The department was obliged to shut down to allow investigations.
The Washington State Department of Licensing (DOL) also had to shut down its Professional Online Licensing and Regulatory Information to avoid being compromised and for its customers’ safety and security. In March, the department announced it was back in operations and would waive all late filings. The outage affected business owners and those whose licenses expired during the closure. The department issues licenses spanning 39 businesses and professions.
The DOL did not have conclusive information about the data breach at the time. However, it assured its customers that other systems operated by the DOL, including vehicle and driver’s license systems, were under constant monitoring.
This breach highlights the importance of having a robust malware detection and prevention system. It also underscores the importance of having a plan to respond to a data breach, including how to notify affected users and prevent attackers from accessing sensitive data.
As is seen from the examples above, data breaches can devastate businesses, no matter their size. That’s why having a security budget and a plan for developers is crucial.
A cybersecurity plan and budget are critical because:
These three data breaches of 2022 show us just how important it is to take steps to protect our data. We must set a security budget for investing in security products like DevSecOps, have a plan in place for developers, and implement robust security application measures, such as two-factor authentication, app hardening, and training employees on how to spot phishing attempts.
We must also keep our systems up to date with the latest security patches and have a robust security plan that includes incident response and data loss prevention. Don’t wait until it’s too late. Invest in security today with PreEmptive protection products!
PreEmptive can help you protect your applications and make them more resistant to hacking and tampering, protecting intellectual property, sensitive data, and revenue.