Connect with us

Business

10 organizations that suffered massive data breaches in 2022

Published

on

Beyond Identity collected information about some of the largest, unique, and most high profile data breaches to wreak havoc on organizations in 2022.
Share this:

A data breach is when someone breaks into an organization and steals sensitive data. Attackers are able to get past security measures with tactics as varied as they are malicious, including phishing, planting malware, credential stuffing, and tracking keystrokes, to name a few.

Once they breach security barriers, cybercriminals might publicly expose sensitive information or steal data to sell on the dark web. In ransomware attacks, criminals hold data or computers hostage in exchange for a hefty ransom. These types of attacks often involve installing malware to lock up files or even entire system networks so that legitimate users can no longer access them—until they pay up, that is. Between 2021 and 2022, the average ransomware attack payment increased 71% according to one cybersecurity firm, with an average payout of almost $1 million. According to data for the first quarter of 2022, reported breach incidents have gone up by 14% compared to the same quarter in 2021 (although the number of victims per cyberattack has gone down).

To give important context to these troubling trends, Beyond Identity collected information about some of the largest and most high-profile data breaches of 2022. The dates included are when the breach was disclosed to the media, though the incidents themselves happened earlier. The damage from breaches can be costly; according to an IBM report, the average cost of a data breach to a company was more than $4 million in 2021. 

The 10 breaches covered here affected companies, international organizations, and even governments. (These incidents and many others can be seen in Aaron Drapkin’s regularly updated article tracking data breaches.) Read on to learn how these security attacks occurred and what has been done to remediate them.

An American Red Cross Disaster Services vehicle and logo.

Ken Wolter // Shutterstock

Red Cross

On Jan. 18, the International Committee of the Red Cross revealed that the organization had experienced a data breach. This attack resulted in a loss of personal data for more than a half a million people—many in vulnerable positions—including names, locations, and contact information. The hackers attacked a contractor in Switzerland that was storing this data. As a result, the Red Cross was temporarily forced to halt a program that helps reunite families torn apart by armed conflict, migration, natural disasters, and other tragedies.

In a statement, they pleaded with the hackers to keep the stolen data confidential and partnered with “highly specialized” firms to assist them in dealing with the attack. The Red Cross systems are back online, and the organization is working to inform people who have been affected by the data breach and also with partners to spread the word to states and other major actors about the importance in protecting humanitarian organizations online.

A phone open to OpenSea

Primakov // Shutterstock

OpenSea

OpenSea experienced a data breach on Feb. 20. While this attack only affected 17 users, the hackers made off with $1.7 million in crypto assets and leaked emails of OpenSea users. OpenSea was completing a migration, providing a perfect opportunity for a phishing attack. There is wide speculation that whoever caused this data breach tricked some OpenSea users to sign a contract partially, leaving some portions blank and thus making it possible for the bad actor to finish filling it out, calling for the creation of a new contract that, for free, transferred NFT ownership.

Since the breach, OpenSea has remediated the issue by warning its users about email phishing and implementing new security policies to make it harder to download customer data. They also terminated the employee they suspected to be working with the bad actor and reported the person to law enforcement.

A person applying for unemployment insurance benefits using the Texas workforce commission website

Blueee77 // Shutterstock

Texas Department of Insurance

On March 24, the Texas Department of Insurance disclosed they experienced a data breach in January. The breach resulted in the loss of personal information including social security numbers, contact information, and data about the injuries of 1.8 million Texans. For almost three years, this information had been exposed and available publicly on the TDI website, because of a programming code issue in a web application. This made it possible for people outside of TDI to access what was supposed to be a protected part of an online application.

To deal with the issue, the Texas Department of Insurance fixed the programming code and partnered with a company in the forensics sector to find out whether there had been any misuse of the leaked personal information. Fortunately, there was no evidence of foul play. The department also provided support, including one year of identity protection and credit monitoring services, to the people affected by the data breach.

A phone open to Cash App

yizhachok // Shutterstock

Cash App

Cash App went public with a data breach on April 4. Losses included names and account numbers for more than 8 million users. A former Cash App employee downloaded reports that contained American users’ personal information—specifically, users of Cash App Investing were affected. To address the issue, Cash App contacted all former and current users of the feature so they could answer users’ questions and provide resources and information. They also notified law enforcement about the breach, and advised all users of Cash App to change their passwords and utilize two-factor authentication.

Costa Rican President Rodrigo Chaves giving his inaugural speech during the presidential inauguration ceremony at the Legislative Assembly building on May 8, 2022, in San Jose, Costa Rica

Manuel Arnoldo Robert Batalla // Getty Images

Costa Rican government

On May 17, the Costa Rican government disclosed a data breach. A large chunk of the federal government was locked down due to a ransomware attack that crippled medical, tax, and other systems. More than 670 gigabytes of data was stolen and eventually leaked. This data breach occurred when the Russian ransomware group known as Hive hacked the country’s national health service, after which they left a ransom note copy. Experts suspect that Hive has been working with another Russian ransomware gang, Conti, to help Conti in a rebranding effort so they can evade international sanctions.

As a result of this attack, Costa Rican Social Security Fund systems were taken offline at the start of May 31, and the Costa Rican government has responded to ransomware attacks more generally by declaring a “national emergency”—becoming the first country to do so in response to a cyberattack.

A phone open to Twitter

Sattalat Phukkum // Shutterstock

Twitter

On July 22, Twitter announced a data breach that resulted in the loss of 5.4 million phone numbers and email addresses. The attacker exploited one of the microblogging platform’s log-in identification features, which allows a user to submit a publicly known phone number or email address and match it to a Twitter account. The attacker was able to create a list that contained scraped emails and phone numbers from the accounts of users with publicly available information. In response, Twitter remediated the issue by patching the vulnerability, and it has also encouraged its users to use two-factor authentication for their Twitter accounts.

Twilio building in Tallinn, Estonia

Cloudy Design // Shutterstock

Twilio

On Aug. 4, Twilio, a programmable communication platform, announced hackers had accessed data for more than 100 customers. This was particularly worrying because it included access to about 100 individual Authy accounts. Authy is a two-factor authentication provider. The hacker used sophisticated social engineering to trick Twilio employees into giving the attackers their credentials, which were then used to gain access to some of the company’s internal systems where they could access customer data.

To resolve the issue, Twilio confirmed the incident, revoked the access of the compromised employee accounts so they could mitigate the attack, and they started an investigation with the aid of a top forensics firm. Twilio has also trained staff to be aware of social engineering attacks, issued security advisories related to those tactics, examined technical precautions, and contacted customers who were affected by the attack.

A delivery person with a DoorDash branded tote on their bicycle in the Chelsea neighborhood of New York

rblfmr // Shutterstock

DoorDash

Due to the compromise of certain two-factor authentication accounts from the Twilio breach, the same group of hackers gained access to customers’ personal data stored by DoorDash, which disclosed this event on Aug. 25. This included names, emails, phone numbers, and addresses. After accessing accounts, the hackers were able to gain access to internal tools through an unnamed third-party vendor. That allowed access to the personal data of DoorDash customers. To solve the issue, DoorDash started an investigation with the help of a cybersecurity expert they have not named. DoorDash is also taking action to enhance its security systems.

The homepage of LastPass' website as displayed on a PC

Sharaf Maksumov // Shutterstock

LastPass

On Aug. 25, LastPass announced a data breach where source code was lost. By using one compromised developer account, an unauthorized party was able to access certain areas of the LastPass developer environment. After doing this, they stole source code, as well as some LastPass proprietary technical information.

This isn’t the first time LastPass has had security problems. A major outage caused login and password issues in 2020, and they experienced another significant security problem in 2019. To fix the 2022 data breach, LastPass enacted mitigation and containment measures, engaged a forensics and cybersecurity firm, and enhanced security measures.

The Nelnet app in the Google Play store

PREMIO STOCK // Shutterstock

Nelnet Servicing

Nelnet Servicing also experienced a breach, which they announced on Aug. 29. The company lost personal data for 2.5 million student loan accounts including names, addresses, and social security numbers. Hackers compromised Nelnet Servicing’s network—likely after having exploited a vulnerability. Threat actors with access to Nelnet’s information could use it to take part in scamming, impersonation, social engineering, or phishing attacks.

Nelnet Servicing took immediate action to secure its information system, blocked the criminal activity, fixed the issue, and started an investigation with the aid of third-party forensic specialists. Nelnet Servicing then informed the U.S. Department of Education of the breach, after which the department informed law enforcement. For individuals potentially affected by the breach, Nelnet Servicing provided two years of free access to identity theft and credit monitoring services.

This story originally appeared on Beyond Identity and was produced and
distributed in partnership with Stacker Studio.

Share this:
Continue Reading

Business

5 tech advancements sports venues have added since your last event

Published

on

By

Uniqode compiled a list of technologies adopted by stadiums, arenas, and other major sporting venues in the past few years.
Share this:

In today’s digital climate, consuming sports has never been easier. Thanks to a plethora of streaming sites, alternative broadcasts, and advancements to home entertainment systems, the average fan has myriad options to watch and learn about their favorite teams at the touch of a button—all without ever having to leave the couch.

As a result, more and more sports venues have committed to improving and modernizing their facilities and fan experiences to compete with at-home audiences. Consider using mobile ticketing and parking passes, self-service kiosks for entry and ordering food, enhanced video boards, and jumbotrons that supply data analytics and high-definition replays. These innovations and upgrades are meant to draw more revenue and attract various sponsored partners. They also deliver unique and convenient in-person experiences that rival and outmatch traditional ways of enjoying games.

In Los Angeles, the Rams and Chargers’ SoFi Stadium has become the gold standard for football venues. It’s an architectural wonder with closer views, enhanced hospitality, and a translucent roof that cools the stadium’s internal temperature. 

The Texas Rangers’ ballpark, Globe Life Field, added field-level suites and lounges that resemble the look and feel of a sports bar. Meanwhile, the Los Angeles Clippers are building a new arena (in addition to retail space, team offices, and an outdoor public plaza) that will seat 18,000 people and feature a fan section called The Wall, which will regulate attire and rooting interest.

It’s no longer acceptable to operate with old-school facilities and technology. Just look at Commanders Field (formerly FedExField), home of the Washington Commanders, which has faced criticism for its faulty barriers, leaking ceilings, poor food options, and long lines. Understandably, the team has been attempting to find a new location to build a state-of-the-art stadium and keep up with the demand for high-end amenities.

As more organizations audit their stadiums and arenas and keep up with technological innovations, Uniqode compiled a list of the latest tech advancements to coax—and keep—fans inside venues.


A person using the new walk out technology with a palm scan.

Jeff Gritchen/MediaNews Group/Orange County Register // Getty Images

Just Walk Out technology

After successfully installing its first cashierless grocery store in 2020, Amazon has continued to put its tracking technology into practice.

In 2023, the Seahawks incorporated Just Walk Out technology at various merchandise stores throughout Lumen Field, allowing fans to purchase items with a swipe and scan of their palms.

The radio-frequency identification system, which involves overhead cameras and computer vision, is a substitute for cashiers and eliminates long lines. 

RFID is now found in a handful of stadiums and arenas nationwide. These stores have already curbed checkout wait times, eliminated theft, and freed up workers to assist shoppers, according to Jon Jenkins, vice president of Just Walk Out tech.

A fan presenting a digital ticket at a kiosk.

Billie Weiss/Boston Red Sox // Getty Images

Self-serve kiosks

In the same vein as Amazon’s self-scanning technology, self-serve kiosks have become a more integrated part of professional stadiums and arenas over the last few years. Some of these function as top-tier vending machines with canned beers and nonalcoholic drinks, shuffling lines quicker with virtual bartenders capable of spinning cocktails and mixed drinks.

The kiosks extend past beverages, as many college and professional venues have started using them to scan printed and digital tickets for more efficient entrance. It’s an effort to cut down lines and limit the more tedious aspects of in-person attendance, and it’s led various competing kiosk brands to provide their specific conveniences.

A family eating food in a stadium.

Kyle Rivas // Getty Images

Mobile ordering

Is there anything worse than navigating the concourse for food and alcohol and subsequently missing a go-ahead home run, clutch double play, or diving catch?

Within the last few years, more stadiums have eliminated those worries thanks to contactless mobile ordering. Fans can select food and drink items online on their phones to be delivered right to their seats. Nearly half of consumers said mobile app ordering would influence them to make more restaurant purchases, according to a 2020 study at PYMNTS. Another study showed a 22% increase in order size.

Many venues, including Yankee Stadium, have taken notice and now offer personalized deliveries in certain sections and established mobile order pick-up zones throughout the ballpark.

A fan walking past a QR code sign in a seating area.

Darrian Traynor // Getty Images

QR codes at seats

Need to remember a player’s name? Want to look up an opponent’s statistics at halftime? The team at Digital Seat Media has you covered.

Thus far, the company has added seat tags to more than 50 venues—including two NFL stadiums—with QR codes to promote more engagement with the product on the field.  After scanning the code, fans can access augmented reality features, look up rosters and scores, participate in sponsorship integrations, and answer fan polls on the mobile platform.

Analysts introducing AI technology at a sports conference.

Boris Streubel/Getty Images for DFL // Getty Images

Real-time data analytics and generative AI

As more venues look to reinvigorate the in-stadium experience, some have started using generative artificial intelligence and real-time data analytics.  Though not used widely yet, generative AI tools can create new content—text, imagery, or music—in conjunction with the game, providing updates, instant replays, and location-based dining suggestions

Last year, the Masters golf tournament even began including AI score projections in its mobile app. Real-time data is streamlining various stadium pitfalls, allowing operation managers to monitor staffing issues at busy food spots, adjust parking flows, and alert custodians to dirty or damaged bathrooms. The data also helps with security measures. Open up an app at a venue like the Honda Center in Anaheim, California, and report safety issues or belligerent fans to help better target disruptions and preserve an enjoyable experience.

Story editing by Nicole Caldwell. Copy editing by Paris Close. Photo selection by Lacy Kerrick.

This story originally appeared on Uniqode and was produced and
distributed in partnership with Stacker Studio.

Share this:
Continue Reading

Business

Import costs in these industries are keeping prices high

Published

on

By

Machinery Partner used Bureau of Labor Statistics data to identify the soaring import costs that have translated to higher costs for Americans.  
Share this:

Inflation has cooled substantially, but Americans are still feeling the strain of sky-high prices. Consumers have to spend more on the same products, from the grocery store to the gas pump, than ever before.

Increased import costs are part of the problem. The U.S. is the largest goods importer in the world, bringing in $3.2 trillion in 2022. Import costs rose dramatically in 2021 and 2022 due to shipping constraints, world events, and other supply chain interruptions and cost pressures. At the June 2022 peak, import costs for all commodities were up 18.6% compared to January 2020.

While import costs have since fallen most months—helping to lower inflation—they remain nearly 12% above what they were in 2020. And beginning in 2024, import costs began to rise again, with January seeing the highest one-month increase since March 2022.

Machinery Partner used Bureau of Labor Statistics data to identify the soaring import costs that have translated to higher costs for Americans. Imports in a few industries have had an outsized impact, helping drive some of the overall spikes. Crop production, primary metal manufacturing, petroleum and coal product manufacturing, and oil and gas extraction were the worst offenders, with costs for each industry remaining at least 20% above 2020.


A multiline chart showing the change in import costs in four major product industries.

Machinery Partner

Imports related to crops, oil, and metals are keeping costs up

At the mid-2022 peak, import costs related to oil, gas, petroleum, and coal products had the highest increases, doubling their pre-pandemic costs. Oil prices went up globally as leaders anticipated supply disruptions from the conflict in Ukraine. The U.S. and other allied countries put limits on Russian revenues from oil sales through a price cap of oil, gas, and coal from the country, which was enacted in 2022.

This activity around the world’s second-largest oil producer pushed prices up throughout the market and intensified fluctuations in crude oil prices. Previously, the U.S. had imported hundreds of thousands of oil barrels from Russia per day, making the country a leading source of U.S. oil. In turn, the ban affected costs in the U.S. beyond what occurred in the global economy.

Americans felt this at the pump—with gasoline prices surging 60% for consumers year-over-year in June 2022 and remaining elevated to this day—but also throughout the economy, as the entire supply chain has dealt with higher gas, oil, and coal prices.

Some of the pressure from petroleum and oil has shifted to new industries: crop production and primary metal manufacturing. In each of these sectors, import costs in January were up about 40% from 2020.

Primary metal manufacturing experienced record import price growth in 2021, which continued into early 2022. The subsequent monthly and yearly drops have not been substantial enough to bring costs down to pre-COVID levels. Bureau of Labor Statistics reporting shows that increasing alumina and aluminum production prices had the most significant influence on primary metal import prices. Aluminum is widely used in consumer products, from cars and parts to canned beverages, which in turn inflated rapidly.

Aluminum was in short supply in early 2022 after high energy costs—i.e., gas—led to production cuts in Europe, driving aluminum prices to a 13-year high. The U.S. also imposes tariffs on aluminum imports, which were implemented in 2018 to cut down on overcapacity and promote U.S. aluminum production. Suppliers, including Canada, Mexico, and European Union countries, have exemptions, but the tax still adds cost to imports.

U.S. agricultural imports have expanded in recent decades, with most products coming from Canada, Mexico, the EU, and South America. Common agricultural imports include fruits and vegetables—especially those that are tropical or out-of-season—as well as nuts, coffee, spices, and beverages. Turmoil with Russia was again a large contributor to cost increases in agricultural trade, alongside extreme weather events and disruptions in the supply chain. Americans felt these price hikes directly at the grocery store.

The U.S. imports significantly more than it exports, and added costs to those imports are felt far beyond its ports. If import prices continue to rise, overall inflation would likely follow, pushing already high prices even further for American consumers.

Story editing by Shannon Luders-Manuel. Copy editing by Kristen Wegrzyn.

This story originally appeared on Machinery Partner and was produced and
distributed in partnership with Stacker Studio.

Share this:
Continue Reading

Business

The states where people pay the most in car insurance premiums

Published

on

By

Cheap Insurance compiled a ranking of the states where people pay the most in full-coverage car insurance premiums using MarketWatch data.
Share this:

Nearly every state requires drivers to carry car insurance, but the laws vary, and many factors affect the cost of coverage.

Some are controllable, at least to degrees: the type of car you have and your credit history. Some are not: your age and gender. Your marital status, place of residence, and claims history are among the other variables that go into it.

Across the United States, premiums are soaring, rising 20% year over year and increasing six times faster than consumer prices overall as of December 2023, CBS reported. Last September, CNN noted that car insurance rates jumped more in the previous year than they had since 1976.

CBS pointed to many potential reasons for these increases in prices. Coronavirus pandemic-era issues have made buying, fixing, and replacing vehicles costlier. Extreme weather events caused by climate change also damage more vehicles, while insurance companies are increasing their business costs. Severe and more frequent crashes are to blame as well, CNN reported.

On top of these, local factors such as population density, the number of uninsured drivers, and the frequency of insurance claims all affect premiums, which can lead motorists to change or switch their coverage, use other modes of transportation, or even alter decisions about when to buy a vehicle or what to look for.

To see how geography affects cost, Cheap Insurance mapped the states where people pay the most in car insurance premiums using MarketWatch data. Premium estimates were based on full-coverage car insurance for a 35-year-old driver with good credit and a clean driving record. Data accurate as of February 2024.


A heat map showing full-coverage car insurance premiums across the US

Cheap Insurance

Americans pay $167 per month on average for full-coverage insurance

There are common denominators among the five states where it’s most expensive to have car insurance: Michigan, Florida, Louisiana, Nevada, and Kentucky. Washington D.C. is another pricey locale, ranking #4 overall.

Three of these six are no-fault jurisdictions and require additional coverage beyond coverage to pay for medical costs. Michigan notably calls for $250,000 in personal injury protection (though people with Medicaid and Medicare may qualify for lower limits), $1 million in personal property insurance for damage done by your car in Michigan, and residual bodily injury and property damage liability that starts at $250,000 for a person harmed in an accident.

Other commonalities between these states include high urban population densities. At least 9 in 10 people in Nevada, Florida, and Washington D.C. live in cities and urban areas, which leads to more crashes and thefts and high rates of uninsured drivers and lawsuits. Additionally, Louisiana, Florida, and Kentucky rank #5, #8, and #10, respectively, in motor vehicle crash deaths per 100 million vehicle miles traveled in 2021 based on Department of Transportation data analyzed by the Insurance Institute for Highway Safety.

A highway in Louisville.

Canva

#5. Kentucky

– Monthly full-coverage insurance: $210
– Monthly liability insurance: $57

A car driving through the desert and mountain scenery in Nevada.

Canva

#4. Nevada

– Monthly full-coverage insurance: $232
– Monthly liability insurance: $107

Cars parked on a street in New Orleans.

Canva

#3. Louisiana

– Monthly full-coverage insurance: $253
– Monthly liability insurance: $77

A bridge over turquoise water.

Canva

#2. Florida

– Monthly full-coverage insurance: $270
– Monthly liability insurance: $115

A truck on a highway surrounded by Fall foliage.

Canva

#1. Michigan

– Monthly full-coverage insurance: $304
– Monthly liability insurance: $113

Story editing by Carren Jao. Copy editing by Paris Close. Photo selection by Lacy Kerrick.

This story originally appeared on Cheap Insurance and was produced and
distributed in partnership with Stacker Studio.

Share this:
Continue Reading

Featured