2023 has been a monumental year for newsworthy cyberattacks. Global companies with a user base spread worldwide, such as Uber, Microsoft, Meta, and Twitter, suffered significant cyber hacks in 2023. Cybersecurity has gained considerable mainstream relevance in recent years, even for non-IT companies.
2023 witnessed a wide range of cyberattack vectors, ranging from hostile government-backed bad actors to ransomware-as-a-service groups. The emergent threat landscape is so vast and varied that old-school cybersecurity strategies have lost all relevance. The industry-backed emphasis is on outsourcing security operations and engaging external cybersecurity expertise to achieve comprehensive threat coverage.
IBM’s Cost of Data Breaches Report 2022 states that the average data breach cost has increased by 12.7% since 2020. It has reached USD 4.35 million in 2022 from USD 3.86 million in 2020. Per IBM’s findings, compromised credentials, phishing, and cloud misconfigurations were the most common attack vectors. The focus is now on companies enforcing a proactive approach to cybersecurity. The onus is on business decision-makers to ensure robust password policies, train employees to spot signs of social engineering attempts, and create safeguards against human error.
Let’s take a look at the cyberattacks that shook the global community and became trending news this year:
5 Cyber Hacks That Shocked the Market In 2022
1. Toyota data breach
On October 11, Japanese automobile giant Toyota announced a data breach that affected almost 296,019 customers. Toyota discovered the leak after a hacker breached the company server using credentials obtained from source code published on GitHub. The hacker stole the names, email addresses, and customer management numbers of Toyota customers.
Toyota executives claimed that a third party “mistakenly uploaded part of the source code to their GitHub account while it was set to be public.” Alarmingly, the source code was exposed for five years, since December 2017. Unfortunately, such password theft cases are common. Cyber defense experts, such as Roger Grimes at KnowBe4, estimate that “hundreds of thousands of exposed passwords are up on GitHub waiting for anyone who can access the source code to reveal it.” This is a significant problem for the cybersecurity community and a boon for hackers.
2. Optus data breach
Optus, Australia’s second-largest telco, suffered a malicious cyberattack on September 23. The breach occurred after hackers broke through the company’s firewall. Optus has around 9.7 million subscribers across Australia, and a significant portion of those customers was affected by the breach. In an official statement, Optus confirmed that customers’ names, phone numbers, dates of birth, and email addresses might have been exposed. In some cases, street names, driving license details, and passport numbers of certain subscribers were also exposed. Given the scale of the data breach, Optus customers are at significant risk for identity theft and fraud. Optus notified users that it would not send any links via email or SMS. Users were warned against clicking on links that appear to have come from Optus.
3. Samsung hacks
2022 has been a tough year for Samsung. The South Korean tech giant suffered two significant data breaches this year, one in March and one in August. In March, hackers breached Samsung’s internal systems in the U.S. and reportedly stole source code relating to Galaxy smartphones. Notorious hacking group Lapsus$, also responsible for the Uber hack, obtained algorithms for Samsung’s biometric technology, bootloader source code for recent devices and activation servers, and other proprietary intel. The breach contained almost 190GB of user data.
The second breach occurred in late July and was discovered in August. A third party breached US-based internal systems and compromised user data, including names, contact information, demographics, and dates of birth.
4. Cisco Ransomware attack
IT giant Cisco was hacked by the Yanluowang Ransomware gang on May 24, 2022. The attackers accessed a Cisco employee’s personal Google account that stored their Cisco credentials. The user had enabled Google Chrome’s password syncing feature, allowing the attackers to access Cisco VPN. The Yanluowang gang published a partial list of exfiltrated files, including contents of a cloud storage folder. According to industry experts, most of the data stolen was from the compromised user and “not of great importance.”
Although the damage was minimal, we are highlighting this incident because of the multi-vector nature of the attack. The breach included elements of phishing, multi-factor authentication (MFA) fatigue, and credential theft.
5. Marriott data breaches
Marriott International Inc. suffered two data breaches this year and its third significant hack in the last four years. The latest hack occurred in July when attackers reportedly stole around 20GB of data from Marriott Hotels, including customers’ personally identifiable information, credit card information, and internal company documents. In March, Marriott faced a data breach case that included the personal information of approximately 5.2 million guests. The breach occurred after third-party bad actors obtained the login credentials of two hotel employees.
6. Uber hack
On September 15, Uber faced a major cyberattack that compromised its internal systems and communications for many hours. This was another major attack carried out by the Lapsus$ group in 2022. The Uber hack is a perfect example of a multi-vector attack. Hackers used multiple tactics like compromised credentials obtained from the dark web, MFA bombing (or MFA fatigue), social engineering via WhatsApp, third-party vendor compromise, and privilege escalation.
7. IHG (InterContinental Hotel Group) cyberattack
IHG, a British hospitality group that manages 6,028 hotels across more than 100 countries, suffered a major cyberattack in September. The attack affected Holiday Inn, Crowne Plaza, and Regent hotels by disrupting IHG’s booking channels and apps. IHG executives claimed no evidence of unauthorized access to guest data. The hotel group had to deal with many angry customers, lost revenue, and a class-action lawsuit by franchisees due to the cyberattack.
8. LAUSD (LA Unified School District) Ransomware attack
September 8 was a difficult day for school administrators, teachers, students, and parents of LA’s largest school district. The Ransomware attack on LAUSD systems impacted over 600,000 students and 70,000 staff in over a thousand schools. Hackers breached the school district’s IT environment with a Ransomware tool that temporarily disabled and froze some critical systems. The attack also took the district’s website offline for several hours, causing students and staff to lose access to email.
A Common Thread Among the Attacks
We mention these brief case studies to help you understand the current cybersecurity threat landscape. You might have noticed a commonality in these attacks, although they cover different organizations from different industries. Most of the attacks stemmed from credential theft or some form of social engineering. This highlights a typical attack pattern used by global threat actors. Alarmingly, they have been relatively successful in targeting negligent employees and insecure password protection policies.
While large organizations, like the ones mentioned above, are more prone to high-risk attacks, small and medium businesses are just as likely to be hacked and breached. As per Accenture’s Cost of Cybercrime research, 43% of cyberattacks target small businesses. So, if you think only MNCs have to worry about cyberattacks, you couldn’t be more wrong!
In this dangerous threat landscape, getting regular vulnerability assessments is every business’s core responsibility. Beyond securing your data, assets, and business operations, a vulnerability-conscious company inspires trust and goodwill among employees and clients. Take a free security consultation with ACE experts today and find the best ways to optimize your security posture.
With 20+ years of expertise in building cloud-native services and security solutions, Nolan Foster spearheads Public Cloud and Managed Security Services at Ace Cloud Hosting. He is well versed in the dynamic trends of cloud computing and cybersecurity.
Foster offers expert consultations for empowering cloud infrastructure with customized solutions and comprehensive managed security.