As organizations are increasingly moving their workloads to the cloud, cloud security is becoming more important than ever. However, a recent report says that more than 80% of organizations have experienced a cloud-related security incident over the past 12 months. Here’s a look at the biggest cloud security incidents in 2022.
FlexBooker data breach
US-based digital scheduling platform FlexBooker suffered a data breach that involved sensitive information of 3.7 million users after threat actors breached its AWS (Amazon Web Services) server.
2.4TB BlueBleed data leak
2.4TB of Microsoft customer data belonging to more than 65,000 companies across over 100 countries was exposed due to a misconfigured Azure Blob Storage bucket.
The biggest data leak in the history of China to date
Hackers stole data of more than 1 billion Chinese citizens from a Shanghai police database and tried to extort the department for about $200,000 in what appears to be one of the most extensive data breaches to date.
Microsoft hacked by Lapsus$ data extortion group
The infamous Lapsus$ hacker group breached Microsoft’s Azure DevOps server and stole 37 GB of data, mainly source code for the various internal Microsoft projects, including Bing, Bing Maps, and Cortana.
Medibank data breach
Medibank, one of Australia’s largest health insurers, had suffered a massive data breach that affected more than 9 million customers.
23 million files exposed in Pegasus Airlines breach
Pegasus Airlines, a low-cost Turkish airline, exposed around 6.5 TB of data, including sensitive flight data, source code, and personal information of flight crews due to a misconfigured AWS S3 bucket.
Mangatoon data breach
Data belonging to 23 million users of online comic book provider Mangatoon was exposed after a threat actor stole it from an unsecured Elasticsearch database.
Puma breached in Kronos ransomware attack
Multinational sportswear maker Puma was one of the victims of a ransomware attack that hit the cloud-based HR management company Kronos in December 2021.
Misconfigured Amazon server exposed Prime Video viewing data
US-based tech giant Amazon left unprotected a Prime Video database named “Sauron,” exposing around 215 million records of Prime Video viewing habits.
Massive Civicom data leak
Civicom, a company that offers audio, web conferencing, and market research services, exposed a large trove of sensitive customer data via a misconfigured Amazon S3 bucket, which was left open without password protection and security verification.
Full Story:
https://www.immuniweb.com/blog/top-10-cloud-security-incidents-in-2022.html
