Top 5 Cyber Attacks in 2023
In today's tech climate, data makes up a large part of a company’s value. It includes emails, personal information, and security records.
When an organization's data is obtained by a malicious outside source, there is no going back. A breach compromises all existing data, even if it is retrieved. In the last year, top-level companies with seemingly strong security have been hacked, causing catastrophic damage.
In 2023, the global average cost of a data breach was 4.45 million, a significant 15% increase from previous years. Hackers are getting better. The complexity of their attacks is increasing, helped by tools like AI.
According to our research, there were 71 publicly disclosed security incidents in September 2023, accounting for 3,808,687,191 compromised records, bringing the year’s total to over 4.5 billion.
Attack Forms
Ransomware continues to dominate as the most prevalent form of cyber breach in today's digital landscape, with September alone witnessing more than five major breaches. Among the notable victims were Auckland University and Johnson group Marketing, highlighting the indiscriminate nature of these attacks.
The rise of ransom attacks is a growing concern for companies, with notorious groups like Black Cat, Mimic, 3 AM Ransomware, and Lost Trust leading the way. These attacks are driven by the lure of financial gain, as each successful ransom payment only encourages more attackers to engage in this malicious behavior.
As data becomes an increasingly valuable commodity, companies that possess vast amounts of valuable information become prime targets. To navigate the chaos of cyber threats, organizations must prioritize the establishment of an impenetrable security network. By doing so, they can maintain peace of mind amidst the ever-evolving landscape of cybercrime.
The top 5 data breaches of 2023 are detailed below.
MOVEit: May/June 2023
MOVEit is a data transfer program owned by a company called Progress Software. MOVEit transfers information for the public and private sectors. Organizations such as financial services companies and government agencies use the program to move personal data. Shell, the US Department of Energy and British Airways all use MOVEit to transfer files.
One of the largest undercover hacks of the year was launched in May 2023, retrieving information from a relatively unknown organization called MOVEit. The hacker group CLOP obtained the credentials to records from MOVEit and began the most destructive hack of the decade to date.
The mass hack of the file transfer tool MOVEit has impacted more than 200 organizations and up to 17.5 million individuals as of July 2023. The federal agencies affected include the Department of Energy, Department of Agriculture, and Department of Health and Human Services. Many schools across the U.S. have also been targeted by the hack.
The breach spread to companies worldwide; however, the majority of victims were Americans.
The breakdown of victims by country is:
United States - 83.9%
Germany - 3.6%
Canada - 2.6%
In what can only be described as a staggering breach, the personal information of a whopping 64 million individuals was unveiled in June 2023, setting a new record for the largest breach of its kind.
A chilling aspect of the MOVEit incident is that countless individuals remain unaware of the danger they face. Unbeknownst to them, their personal information was acquired through the data transfer process facilitated by MOVEit, leaving them vulnerable to potential future attacks by the hackers.
MGM
On September 13th, 2023, MGM was attacked by a group called ALPHV, also known as Black Cat. The hackers asked for a high ransom, which MGM declined, opting instead to shut down all operations to prevent further damage and to rely on its insurance policy. In the following days, chaos ensued for everyone on MGM property. Room keys stopped working, slots shut down and customers left the premises.
The resulting damage was the worst MGM has experienced, causing over 100 million in losses. In addition to the financial hit that the company took, its customers' data has been breached and they may still be at risk. The names, driver's licenses, and birth dates of MGM customers were obtained.
There is no known end to the ripple effect this breach will have for MGM, its employees and its customers.
The main reason hackers aim to obtain data is to hold stolen data for ransom. When it is in their possession, there are many ways to use it, like leaking it to public forums or selling it to other cybercriminals or on the black market.
These examples represent the trend that will continue as long as companies store data.
DarkBeam
DarkBeam, a small company specializing in cyber threat management and data vulnerability, recently faced a major data breach. The breach was initially discovered by SecurityDiscovery's CEO, Bob Diachenko, who promptly informed DarkBeam about the situation. This massive breach exposed a staggering 3.8 billion records, making it one of the largest data breaches in recent history.
The cause of the breach remains uncertain, but there is evidence suggesting that a DarkBeam employee had compiled a substantial amount of data in 2019 and 2020. This data may have been left unprotected due to unchanged passwords or inadequate maintenance.
The implications of this data breach are currently unknown, leaving users associated with DarkBeam potentially vulnerable to cyberattacks. It is advisable for users who suspect their information is included in this breach to change their passwords and implement two-factor authentication as a precaution. The incident underscores the risks associated with handling sensitive user information and the importance of robust cybersecurity measures.
Implications
The potential for exploitation looms over both companies and individuals associated with DarkBeam, as hackers leverage this acquired information to launch relentless brute force attacks and crack login credentials like solving a complex puzzle.
After experiencing a significant breach, DarkBeam's reputation, which was once built on its robust security measures, now faces a daunting challenge of restoring trust with its clients. This process will require time, dedication, and substantial efforts to rebuild the confidence that was shaken by this massive security incident.
Pôle emploi
A ripple effect of the MOVEit breach has become a big problem in France. The French government leaked information on a huge number of its citizens.
Pôle emploi is a French government agency that holds personal information. French citizens registered with the agency up until 2022 were compromised, including their names and social security numbers.
Over 10 million individuals had information that was likely compromised by this attack.
There appears to be no compensation offered to victims of the breach. Pôle emploi advises job seekers to be alert to proposals and approaches that appear fraudulent.
T-Mobile
In May, T-Mobile was attacked for the second time in 2023. A hack revealed the PINs, full names, and phone numbers of over 800 customers.
This is the company’s ninth data breach since 2018 and its second this year. In January, T-Mobile was the victim of a malicious actor that gained access to their personal network, which held customer personal information (names, emails, and birthdays) from 37 million people. After discovering this disastrous situation, T-Mobile tracked down the source to mitigate the damage within the day.
Although they stopped the source, T-Mobile may incur significant expenses from this breach. This is on top of the $350 million they agreed to settle with customers in 2021 for a separate breach. T-Mobile has lost hundreds of millions because of security leaks, and recurring breaches of personal information have tarnished its reputation for security and eroded customers’ trust.
UK Electoral Commission
In a shocking revelation, the Electoral Commission issued a notice to its citizens, informing them of a sophisticated cyberattack launched by malicious actors. These hackers managed to breach the UK's electoral registers, which contained the personal information of approximately 40 million individuals.
The Commission first became aware of the incident in October 2022 when they detected suspicious activity on their network dating back to early 2021. The attackers gained access to the Electoral Commission servers, which housed emails, control systems, and reference copies of the electoral registers for voters registered between 2014 and 2022, including overseas voters.
As a result of this breach, vital information such as voters' names and addresses was compromised. Furthermore, the hackers obtained personal data from the Commission's email system, including names, email addresses, home addresses, telephone numbers, and other personal information submitted through webforms or emails.
Disturbingly, it was later discovered that the cyberattack was even more sophisticated than initially thought. A whistleblower revealed that the Commission had failed a Cyber Essentials audit during the time the attackers infiltrated their systems.
While there is no evidence to suggest that the attackers exploited any vulnerability associated with this audit failure, the failure itself indicates a lack of thorough security measures at the Commission. Security researcher Kevin Beaumont delved into the details and uncovered that the Commission was running an unpatched version of Microsoft Exchange Server, which was vulnerable to ProxyNotShell attacks at the time of the incident.
This attack exposed a fundamental breach in cybersecurity, something that every organization should protect against at a basic level. The incident serves as a reminder of the importance of robust security measures and the need for constant vigilance in the face of evolving cyber threats.
Stats and Recap
The stats below report the totals as of September 2023.
Here are the top data breach stats for 2023:
Number of incidents in September 2023: 71
Number of breached records in September 2023: 3,808,687,191
Number of incidents in 2023: 838
Number of breached records in 2023: 4,500,775,104
The previous cases indicate that there is no end in sight to the volume and frequency of groups exploiting a company’s resources. Attacks are expected to continue into 2024 at an increasing rate.
How Datalink Can Help
To protect your valuable data and ensure the safety of your organization, it is essential to choose a reliable and experienced cybersecurity provider like Datalink Networks. With our expertise and cutting-edge solutions, we can help you establish an impenetrable security network that can withstand the ever-evolving landscape of cybercrime. Don't wait until it's too late; engage with Datalink Networks today and safeguard your most valuable asset: your data.