2022 Data Breach Summary Report

Data breaches aren’t going anywhere. In fact, they’re only becoming more common as our lives move increasingly online. As information managers, IT security officers, and information security officers, it’s important to stay up-to-date on the latest data breach trends so you can better protect your organization’s critical data. Here’s a quick summary of the most notable data breaches from 2022.

The Big Picture

In 2022, there were more than 4,100 publicly disclosed data breaches and Q3 of 2022 alone saw a 70% increase in data breaches.

Experts report that these breaches accounted for over 22 billion records being compromised, across the globe.

The average data breach costs in 2022 is $4.35 million, a 2.6% rise from 2021 amount of $4.24 million.

Know the Threats

The best way to protect yourself from increased malicious activity is to know the most common threats that exist for your organization and the information you manage. In 2022 the top data breach threats were:

1. Social Engineering Attacks: These types of attacks use a variety of techniques such as phishing, pretexting, and tailgating to try to gain access to sensitive information.

2. Malware Attacks: Cybercriminals use malware to infect computers, applications, and networks with malicious code in order to gain access to confidential data.

3. Insider Threats: Insider threats are those that come from within an organization, such as employees or contractors with malicious intent to gain unauthorized access to data or commit fraud.

4. Unsecured Data: This type of breach is caused by weak security measures allowing criminals to access sensitive information without authorization.

Top Data Breaches of 2022

With a sizeable increase in the number of records compromised, it’s no surprise that the top breaches in 2022 saw some of the most large-scale attacks and attempts to resell user data and personal information to date. In many cases, the data was held for large ransoms, which firms elected not to pay, as these measures have proved ineffective in preventing information from surfacing on the dark web.

MediBank Data Breach

One of the largest breaches of 2022 happened in Australia when health insurance provider MediBank reported that data of over 9.8 million past and current customers had been compromised.

Los Angeles Unified School District Breach

A breach of the LAUSD compromised over 5000 GB of data containing personal identifying information, including passport details, Social Security numbers and tax forms, contact and legal documents, financial reports with bank account details, health information, conviction reports and psychological assessments of students.

Optus Data Breach

In September over 9 million customers of the Australian Telecommunications provider Optus suffered a massive data breach that exposed names, dates of birth, phone numbers and email addresses and even physical addresses and personally identifiable information like driving licenses and passport numbers of some customers.

DoorDash Breach

In August 2022 the names, delivery addresses, phone numbers, and email addresses of some 4.9 million customers were leaked in a hack that the company later said was the result of a targeted, sophisticated phishing campaign on one of their third-party vendors.

Healthcare Providers Face Increased Risk

Because of the types of information available within their systems, hospitals, healthcare providers, and insurance agencies continue to be some of the hardest-hit sectors when it comes to data breaches.

Check out this report with some staggering statistics about data breaches in the healthcare industry over the last few years.

When it comes to breaches, knowledge is power

Data breaches are becoming more frequent each year, and their size and scope are growing as well. As information managers, IT security officers, and information security officers it’s important to stay up-to-date on trends so you can develop a comprehensive security plan for your organization. Implementing the proper controls and tools to keep data safe is key, but educating staff and users on potential threats and best practices can go a long way in preventing malicious activity from occurring.

Good security starts with knowledge – so make sure you’re staying informed about the common threats facing organizations today!