With each passing year, it seems data breaches become more costly to victims, and 2022 was no exception.

Verizon’s annual Data Breach Investigations Report found, for instance, that the average cost of ransomware attacks doubled over the past two years to $26,000. Of those attacks, 95% of those affected experienced a loss between $1 million and $2.5 million.

No entity wants to experience a data breach, and it’s not only because of the financial losses they may face. Data breaches can also harm an organization’s reputation as well, which is why they try their best to ensure all the data they hold is secured.

In this week’s installment of the BlackCloak Thursday Threat Update, we’ll look at a pair of data breaches affecting a free VPN service and a diagnostics company.

SuperVPN data breach affects 360 million users

What we know: The free VPN app SuperVPN experienced a data breach affecting more than 360 million users. Compromised information includes users’ email addresses, IP addresses, secret keys, geolocation information, visited websites and other user data. This is not the first data breach to affect SuperVPN, as it experienced an incident in 2022 where 21 million users were impacted.

Recommendations: Be on the lookout for phishing emails and other suspicious messages. Cybercriminals may craft messages using your email address, combined with the websites you visit and your location, that will entice you to perhaps click on malicious links and email attachments that may contain malware. Additionally, be sure to read reviews and conduct research before using any free app or service. While it may be convenient to use a free service, it may come at the cost of security measures or other elements that could protect your data. 


Enzo Biochem discloses breach impacting 2.5 million people

What we know: In a recent filing with the Securities and Exchange Commission, Enzo Biochem disclosed it was the victim of a ransomware attack where the data belonging to nearly 2.5 million people was compromised. Clinical test information was the most common data point exposed, however, at least 600,000 people had their Social Security numbers compromised in the breach.

Recommendations: As Social Security numbers were involved in this breach, it’s a good idea to place a credit freeze and fraud alert on your accounts as soon as possible. Even if you are not one of the 600,000 people who had their Social Security number caught up in the incident, it’s still a good idea to take this step out of an abundance of caution. 


Use resources available to protect yourself

Education is a key element to protecting yourself against cyber threats, but there are also tools available to you that will also give you an extra layer of protection against malicious actors.


Learn how to use additional two factor authentication methods beyond SMS text messages to protect your cryptocurrency accounts and how VPN services can protect you as you navigate the internet.