The Most Recent Data Breaches And Security Breaches 2021 To 2022

Last Updated: November 12, 2022
In this blog, we will be discussing the most recent data breaches and security breaches and other relevant information.
The Most Recent Data Breaches And Security Breaches
EarthWeb is reader-supported. When you buy through links on our site, we may earn an affiliate commission.

Today’s digital age has increased cybercrime, and businesses and individuals are experiencing a growing number of breaches.

The number of most recent data breaches reported this year exceeded those reported in 2021 and 2022.

Organizations and businesses become more vulnerable to cyberattacks as they become more reliant on technology.

Hackers are constantly figuring out new and inventive ways to attain data access, so companies need to take more robust cybersecurity measures than ever before.

The risks of security breaches and cyber-attacks have increased with the proliferation of flaws and gaps in most businesses’ security measures.

Human error is a significant cause of these types of breaches and attacks by hackers.

Another crucial reason for the increase in these incidents is the end-user who isn’t adequately educated about the safe use of an app or business.

However, it falls under the banner of human errors.

But primarily, human error defines the mistake made by the owner or employees of the targeted business.

All this has led to several of the most recent data breaches. 

OpenSea’s Discord Hacked – May 2022

OpenSea

The fake news about partnerships was revealed in an OpenSea screenshot shared on May 6.

There was also a link to a phishing website included in the screenshot.

The official Twitter account reported a breach of the NFT marketplace Discord server on Friday morning for OpenSea’s support.

In fact, there was even a warning posted on the channel advising users not to click on any links.

Based on on-chain metrics, it appears that 13 wallets have been compromised so far in these security breaches, with Founders’ Pass generating the highest value, worth 3.33 Ether or approximately $8900.

Before OpenSea recovered the account, the hacker spent a long time on the server.

The hacker, however, had already begun instilling a sense of fear of missing out in the users in order to trigger their reaction to the announcement.

After posting follow-up posts, the hacker alleges that 70% of the supply had already been minted.

Finland Hit By Cyberattack, Airspace Breach- April 2022

While Ukrainian President Volodymyr Zelensky spoke before the Finnish Parliament on Friday, Finland became the victim of one of the most recent data breaches and an airspace breach. 

The country’s Ministry of Defense announced its website was under a cyber attack, and it will remain shut down until further notice.

In the hours following the incident, the department clarified that the cyberattack was a denial-of-service attack.

It is a way to prevent access to a website so that users can’t gain any information from it.

The Ministry’s Twitter account tweeted several Finnish foreign ministry websites reportedly hacked following the attack.

Microsoft Data Breach – March 2022

Cyber security breaches are nothing new for Microsoft, and the company was targeted by a group called Lapsus$ on March 20, 2022.

According to a screenshot posted on Telegram, the hacking group claimed that they had managed to hack Microsoft and compromised other products, such as Bing, Cortana, and Microsoft Outlook.

In addition to the material obtained from Microsoft, the hackers snatched some information from that company.

Still, on March 22, Microsoft announced that the hacking attempt had been shut down promptly and that only one account had been compromised.

No customer data was stolen in the most recent data breaches, and it is likely Microsoft benefited from its excellent security team – Lapsus$’s previous targets have included Nvidia, Samsung, and others, and Microsoft was already on the alert for these politically motivated groups.

State Bar Of California’s Data Exposed – February 2022

Unauthorized access was made to a public state bar of California website collecting nationwide court records.

During the hacked period, the site had posted confidential information on more than 260,000 non-public attorney discipline records, along with about 60,000 public court records of the State Bar and possible information from other jurisdictions.

A significant chunk of data was unveiled, including information about profiles, case numbers, the dates when cases were filed, and other types of crucial and sensitive information.

This makes it one of the most recent data breaches that were so significant. Luckily, there wasn’t a single case that’s complete information was disclosed.

Toyota’s Japanese Plants Forced To Stop Production – February 2022

One of Toyota’s significant suppliers had its parts supply management system breached by hackers, forcing the automaker to halt production at all of its Japanese plants. 

The supplier provides Toyota with plastic parts. Companies working as subsidiaries of Toyota, such as Daihatsu Motors, were made to stop the manufacturing processes until the issue was resolved.

It was one of the most significant cyber-attacks made on the automotive giant.

Crypto.com Breach: January 2022

How To Withdraw Money From Crypto.com To Bank Account

For a long time, the blockchain model was regarded as one of the most secure methods of processing transactions.

Hackers have, however, not provided a halt to their attempts to compromise crypto-based transactions with the most recent data breaches.

Wallets of 483 Crypto.com users were targeted in an attack on January 17, 2022. 

According to reports, the hackers took bitcoin worth approximately $18 million and Ethereum worth $15 million, plus other cryptocurrencies.

Users’ wallets were accessed by bypassing two-factor authentication, which hackers were able to do.

Crypto.com initially dismissed the incident as a mere ‘incident’ before retraction, acknowledging that money had been stolen and that affected users were refunded.

They audited their systems as part of the company’s security posture improvement after these most recent data breaches.

Europe’s Electronics Retailer Suffered Ransomware Attack – December 2021

Europe’s largest retailer of consumer electronics, MediaMarkt, was recently attacked by the Hive ransomware. A $240 million ransom demand was made in the first attack.

A $50 million bitcoin ransom demand was completed shortly afterward. It was one of the biggest security breaches of 2021.

Early December saw a disruption in IT systems and store operations due to the attack. It is due to MediaMarkt’s thousands of stores in 13 countries with over 53,000 employees.

Throughout the store, hackers hacked computers and encrypted all data.

Staff members were told not to use the cash register computers or disconnect the store’s network cables. Store patrons were not permitted to make purchases online or by phone.

Orders and returns via the Internet were not allowed. It was a significant setback for the company, and suffered a heavy loss.

Robinhood Robbed In Customer Service Breach – November 2021

Robinhood initially rose to prominence as a platform for navigating the stock market without much financial knowledge, but it recently faced a new risk.

Bad actors posing as customer service agents could access the company’s customer support system on November 3 when they called in pretending to be a customer service representative.

The data included email addresses, names, and phone numbers.

Within a week of these security breaches, Robinhood issued an official statement and updated users about the potential exposure of personal data.

However, the company does not believe that the thieves managed to obtain social security numbers or banking information.

They did demand a ransom in exchange for data.

Despite these precautions, there remains a risk that the stolen materials may be used in future crimes such as targeted phishing attacks.

Panasonic’s Network Accessed Illegally: November 2021

Panasonic

A hacker accessed Panasonic’s network illegally in November 2021, according to the Japanese tech manufacturing giant.

Upon discovering the unauthorized access, the company contacted the relevant authorities immediately and implemented security measures.

The company’s statement identified that the file server was breached and data was stolen.

This was among the most recent data breaches of 2021 which affected a technology giant. 

In Japanese media, NHK reported that Panasonic’s technology, business partners, and employees’ personal data were on the server.

Panasonic did not provide details about what information was obtained.

Ferrara Candy Gets A Ransomware Attack – October 2021

In one of October’s most cruel cybercrimes, Ferrara candy maker suffered a ransomware-related shutdown just as Halloween season began.

A number of the company’s iconic Halloween treats are made by the company, including Brach’s Candy Corn and Nerds.

After the ransomware attack, many of the company’s manufacturing and distribution facilities had to cease production.

Ferrara had already fulfilled almost all of its Halloween orders by the attack.

In addition, the company appears well-prepared for a security incident, as production and distribution resumed quickly at nearly total capacity.

The flow of Halloween treats doesn’t seem to have been stopped by even a nasty trick.

Ransomware Attack At Howard University – September 2021

Howard University

The recent holiday season has emerged as a prime time for the most recent data breaches and cyber attacks in the United States.

Another example of this occurred during Labor Day 2021 weekend.

It was announced in early September that Howard University, the country’s oldest historically black university, had been attacked by ransomware.

Due to the disruption, Howard struggled to recover access to its wifi network for several days.

It took the school a long time to reopen and did so gradually and incrementally. 

School’s email system may have been involved in these security breaches.

Nonetheless, Howard University is unsure of the perpetrator, the ransom terms, and whether the ransom will be paid.

While students were still gaining access to emails and wi-fi, the school issued detailed instructions on protecting their personal information and encrypted files.

T-Mobile Customers’ Data Stolen – August 2021

The August 4 data breach at T-Mobile was one of the month’s most recent data breaches and the most publicized security breach after a solo hacker obtained a shocking amount of customer data.

Approximately 850,000 current, former, and prospective T-Mobile customers also had their PINs and phone numbers exposed, along with their birthdates and IDs were stolen.

John Binns, a 21-year-old hacker, was revealed to have taken credit for the attack. He was solely responsible for these security breaches.

A flaw in T-Mobile’s internet addresses and an unprotected router allowed Binn, an American living in Turkey, to breach its system.

The purpose of Brinns’ use of the stolen data remains unclear.

It is reported that T-Mobile is preparing to file a significant class-action lawsuit and offers affected customers free identity theft protection.

Kaseya Firm Hacked – July 2021

As a global IT infrastructure management company, Kaseya manages the IT infrastructures of significant companies.

The hack could have disrupted critical economies across the country in the same way Colonial Pipeline and JBS Foods were attacked.

Through Kaseya’s Virtual System Administrator, REvil sent out a false software update that infiltrated both Kaseya’s direct customers and their customers.

Ransoms were demanded on one million systems, according to REvil. Kaseya says around 50 customers and 1,000 businesses were affected. Bitcoins worth $70 million were demanded by the hacker group.

With this attack, around fifty clients of Kaseya came under this hacking incident. This hacking attempt disturbed more than 1000 businesses.

A whole week of closures was required at 800 stores of Coop, a Swedish supermarket chain, as a result of the cyber-attack.

The FBI obtained encryption keys for REvil’s servers shortly after the most recent data breaches.

The IT infrastructure of Kaseya’s clients was restored without ransom payments.

Linkedin Data Breach – June 2021

LinkedIn

During June 2021, a Dark Web forum listed 700 million LinkedIn users’ information for sale.

There are 756 million LinkedIn users worldwide, and this exposure affected 92% of them.

It appeared that the data was dumped in two waves, with the first wave exposing 500 million people and the second dumping boasting that 700 million people were included.

LinkedIn claims this is not a ‘data breach’ since personal information wasn’t compromised.

This attack doesn’t fall under the category of security breaches either.

This attack was against the anti-scraping policy of the website as they don’t allow data scraping of any kind.

It was one of the most significant data breach attempts on LinkedIn. 

Colonial Pipeline Cyber Attack – May 2021

Colonial Pipeline came under a ransomware attack. This company controls the gasoline and natural gas pipeline that covers around 5500 miles.

It is spread from Texas to New Jersey. After the attack, the company had to close some parts of the pipeline and its procedures as the attack was made on the company’s billing system.

As part of its attempts to resolve the incident, Colonial Pipelines paid a ransom of 75 bitcoins.

It is around $4 million in cash. 2021 faced many cyberattacks and data breaches, but this one was one of the biggest in America.

It disturbed and caused panic in the whole infrastructural management system.

The US government and its allies should be more vigilant in addressing and deterring ransomware attacks seem to have served as a wake-up call.

Facebook Data Breach – April 2021

Facebook often suffers from the most recent data breaches. Another significant cyber-attack was made in April 2021.

This attack accessed the personal data of around 533 million users.

This data included information of users such as their names, contact information, and other crucial data.

This attack found its roots in 2019, when it started. It was discovered in 2021 by a security group.

Many people still remember that Facebook suffered a data breach in 2021. Cybersecurity firm Symantec disclosed the incident.

Several hundred thousand personal records were exposed in the database, including millions of people’s names, birthdays, and phone numbers.

Despite Facebook’s identification that an external attack caused the breach, it is caused by a common scenario: misconfiguration errors.

Breach escalation is one of the most dangerous aspects of these incidents. 

Microsoft Software Caused Data Breach – March 2021

Microsoft

Who doesn’t know the tech giant Microsoft? Can someone imagine that a company like Microsoft can be breached?

Well, there was a cyber breach attempted on Microsoft software by Hafnium.

It is a Chinese hacking group. This attack impacted more than thirty thousand businesses in the US.

The attack started when hackers exploited previously unknown vulnerabilities in Microsoft Exchange servers using stolen passwords.

Any user with access to either physical or virtual resources was able to gain full administrative rights.

Microsoft advised customers to immediately update their systems with software patches to prevent this type of attack.

COMB Data Breach – February 2021

One of the hacking forums on the internet posted a compilation of previously breached user information in February 2021.

ZIP files on RaidForums were found to contain billions of usernames and passwords compiled from many breaches (COMB) 3.8Billion (Public).

There is no evidence of any other collection as large as this one in history.

Unlike other recent security breaches involving significant firms, the Netflix data leak comes not from a single breach.

Still, it is a compilation of information from previous breaches involving Netflix, LinkedIn, Hotmail, and Bitcoin.

As a result of the COMB breach, up to 70% of all internet users could have had their data exposed.

SocialArk Data Breach – January 2021

In January, a massive data breach occurred at China-based SocialArks, a platform that facilitates marketing, brand building, and social customer management.

Due to a cloud misconfiguration, 214 million social media users worldwide exposed their private and public profiles, including celebrity and influencer profiles. 

Users’ Facebook, Instagram, and LinkedIn profiles were accessed and exposed, containing their names, countries of residence, contact information, jobs, and subscription information.

In this attack, the server was left without usernames or passwords because of a vulnerability in its ElasticSearch database.

Stay on top of the latest technology trends — delivered directly to your inbox, free!

Subscription Form Posts

Don't worry, we don't spam

Written by Jason Wise

Hi! I’m Jason. I tend to gravitate towards business and technology topics, with a deep interest in social media, privacy and crypto. I enjoy testing and reviewing products, so you’ll see a lot of that from me here on EarthWeb.