The Biggest Cyberattacks of 2022 so far

October is Cybersecurity Awareness Month, and at 4i-Mag, we’ve rounded up the biggest cyberattacks on record so far in 2022.

Cyberattacks are a fast-growing threat to most businesses, organizations, and consumers. Massive hacks, data breaches, digital scams, and ransomware attacks are recorded almost daily, causing intense concern about cybersecurity and protecting personal data online. Hackers constantly develop new attack methods, bypassing security systems and gaining access to databases. Most hackers ask for a ransom to return the personal and sensitive data they have illegally obtained, while others prefer to leak the data and expose systems’ vulnerabilities.

Since 2004, October has been declared Cybersecurity Awareness Month to help individuals protect themselves online as threats to technology and confidential data become more commonplace.

At 4i-Mag, we’ve rounded up the biggest cyberattacks on record in 2022, showing how hackers operated and the damage they caused to leading organizations and businesses.

#1 – LAPSUS$ Hacking Group

Back in March, LAPSUS$, a well-known hacking group, managed to steal the source code used in Samsung Galaxy devices and acquired access to almost 190 GB of confidential data, including the source code of many technologies and algorithms, among them the biometric functions used to unlock devices. The hacking group leaked the data in three compressed files and made them available in a torrent.

The cyberattack caused great concern to users of Samsung Galaxy mobile phones, as access to such sensitive data highlighted a significant vulnerability in Samsung’s security and data protection policy. Over the past months, LAPSUS$ has managed to hack various tech companies, including Nvidia and Microsoft.

#2 – Big Crypto Heist

Approximately $18 million worth of Bitcoin and $15 million worth of Ethereum, plus other cryptocurrencies, were stolen by hackers who targeted nearly 500 crypto wallets back in January. The cyberattack took place on Crypto.com, one of the world’s biggest and best-known cryptocurrency exchanges, and the hackers managed to bypass two-factor authentication and access users’ wallets.

Crypto.com promptly suspended withdrawals for all tokens to initiate an investigation and worked around the clock to address the issue. In most cases, the company prevented the unauthorized withdrawal, and in all other cases, customers were fully reimbursed. According to the company, despite the mass attack, no customers experienced a loss of funds.

#3 – Red Cross Data Breach

Over half a million records hosted on Red Cross servers were compromised during a data breach in January. The exposed data included documents that the Red Cross classed as “highly vulnerable.”

During the data breach, hackers stole sensitive data from thousands of users. The hackers’ identity remains unknown to this day, and the Red Cross took its servers offline to stop the attack and investigate the breach further. However, it is still unclear whether this massive hack was motivated by politics rather than pure financial gain.

#4 – Ronin Crypto Theft

Ronin, a very prominent and popular blockchain company, was also hacked in March 2022 by an unidentified group of hackers who stole cryptocurrency worth almost $615 million.

According to the company, the hackers had used stolen private keys and the passwords needed to access crypto funds to make off with the funds. This is considered one of the biggest crypto heists, and the hackers managed to steal around 173,600 Ether tokens and 25.5 million USD Coin tokens worth about $615 million.

#5 – GiveSendGo Cyberattack

The personal information of 93,000 individuals who donated money to the Freedom Convoy was released online after a hacking attack on the website GiveSendGo. This is a US-based Christian fundraising website favored by Canadian truckers who drove across the country to protest against COVID rules.

In that case, it was clear that the hackers were motivated by politics and didn’t hack the website for any financial gain. The leaked spreadsheet released by the hackers included raw donor data containing names, emails, and dollar amounts.

#6 – Cash App Data Breach

More than 8 million customers were affected by a massive data breach on the mobile payment service Cash App back in April 2022. Block, the company behind the famous service, declared that a former employee had breached its servers and that there was no hacking group behind the cyberattack.

Sensitive data were exposed and leaked, including customers’ names, brokerage account numbers, brokerage portfolio value, holdings, and stock trading data. Usernames, passwords, and other identity-related information were not accessed.

#7 – Samsung Data Breach

Back in July, Samsung was once again targeted by hackers. The technology giant stated on its website that US-based customers were affected by a cybersecurity incident that leaked some of their information.

The data breach did not impact Social Security or credit and debit card numbers. Still, it affected information such as name, contact and demographic information, date of birth, and product registration information. Samsung detected the incident and has taken actions to secure the affected systems, while the hackers’ identity or motives remain unclear.

#8 – Hellenic Post Cyberattack

In April 2022, Greece experienced an unprecedented cyberattack. A hacking group attacked the Hellenic Post and managed to shut down the central postal system in the whole country for almost two days. The hackers installed malicious software on the Hellenic Post’s information systems and then demanded the payment of ransom. Due to the attack, the local branches of the Hellenic Post could not carry out tasks such as bill collection, mailing, and financial services.

According to Hellenic Post, it was determined that the targeted cyberattack, which aimed at encrypting the systems critical to the operation of the Hellenic Post, started from zero-day malware installed on a workstation. Using the HTTPS reverse shell technique, the malware connected to a computer system controlled by a hacking group.

George Mavridis is a journalist currently conducting his doctoral research at the Department of Journalism and Mass Media at Aristotle University of Thessaloniki (AUTH). He holds a degree from the same department, as well as a Master’s degree in Media and Communication Studies from Malmö University, Sweden, and a second Master’s degree in Digital Humanities from Linnaeus University, Sweden. In 2024, he completed his third Master’s degree in Information and Communication Technologies: Law and Policy at AUTH. Since 2010, he has been professionally involved in journalism and communication, and in recent years, he has also turned to book writing.