Organizations faced costly consequences from cyberattacks

As we navigate the ever-evolving landscape of cybersecurity threats, the year 2023 has witnessed a series of high-profile data security breaches that have left organizations grappling with the aftermath. We delve into 10 major data breaches of the year, exploring the intricacies of each incident and unraveling the far-reaching impacts on affected entities. From sophisticated cyberattacks targeting government agencies to breaches in widely-used software, these incidents underscore the critical importance of robust cybersecurity measures in an era where the protection of sensitive information is paramount.

Top 10 Data Breaches of 2023

MOVEit –

The most significant and detrimental breach in 2023 revolves around the extensive exploitation of MOVEit Transfer, a widely used file-transfer tool in enterprise settings for secure file sharing. The fallout began in May when a critical-rated zero-day vulnerability in MOVEit Transfer was disclosed by Progress Software, enabling the Clop gang to conduct a second round of mass hacks. The breach has impacted over 2,600 organizations, compromising the personal data of nearly 84 million individuals. The aftermath of the attacks has seen a surge in legal action, including class action lawsuits against IBM, Prudential Financial, Progress Software, and other entities linked to breached servers. As a response to high-profile hacks like MOVEit, the SEC now mandates public companies to disclose cybersecurity incidents within four days of discovery, with exceptions for cases posing national security or public safety risks.

Louisiana & Oregon –

A MOVEit-related cyberattack in June 2023 compromised the data of millions in Louisiana and Oregon, including 3.5 million Oregonians with driver’s licenses or state ID cards and those with similar documentation in Louisiana. People with an active Oregon driver’s license, permit or ID card were told they should assume their personal information was exposed. The breach also affected more than 6 million records in Louisiana. While the states did not assign blame, federal officials link the attack to a Russian ransomware gang. Numerous global organizations, including multiple U.S. federal agencies like the Department of Energy and the Office of Personnel Management, were targeted, but officials described it as a financially motivated, opportunistic hack with no significant disruptions to agency services.

Health Care Industry –

More than 115 million people were affected by data breaches within the healthcare industry in 2023. Rarely a day went by without a hacking/IT or unauthorized access incident, according to data compiled by the U.S. Department of Health and Human Services Office for Civil Rights. The largest industry hack in 2023 targeted HCA Healthcare and affected more than 11 million individuals. The HHS emphasizes the vulnerability of healthcare to cyberattacks due to the sector’s willingness to pay ransoms, the value of patient records, and inadequate security measures.

Fortra –

A significant data breach involving cybersecurity firm Fortra impacted more than four million individuals globally, with a focus on medical data. Targeted organizations include Hitachi Energy, Saks Fifth Avenue, Procter & Gamble, NationBenefits, among others. The breach, initiated by the Russia-linked ransomware group Clop, commenced in late January 2023. Fortra issued a security alert and provided a patch for the remote access vulnerability.

Microsoft –

A high-profile breach of Microsoft cloud email accounts affected multiple U.S. government agencies. Reports indicate that Chinese hackers stole 60,000 emails from 10 U.S. State Department accounts, prompting a senator to request a federal investigation into Microsoft’s security practices. In September, Microsoft revealed additional issues that allowed the China-linked threat actor, known as “Storm-0558,” to compromise cloud email accounts of U.S. officials. The company attributed the compromise to a flaw in Azure Active Directory key handling and acknowledged that the threat actor accessed the key through compromising a corporate account belonging to a Microsoft engineer.

MGM Resorts International –

A cyberattack that disrupted operations at one of the world’s largest gambling firms, MGM Resorts International, cost the organization at least $100 million. After discovering the attack, which compromised the personal information of some customers, MGM shut down some of its systems and brought law enforcement in to help investigate. The company set up a designated call center and offered credit monitoring services at no cost to the customer. A hacking group named AlphV claimed it was involved in the breach, according to Reuters.

JumpCloud –

A sophisticated North Korean threat actor
successfully spear-phished a JumpCloud software engineer, gaining developer-level access to JumpCloud environments. Using this access, the threat actor pivoted to other systems and launched workloads in the container orchestration system. JumpCloud concluded the breach targeted a small set of customers, but acknowledged the threat actor was “sophisticated” with “advanced capabilities.”

23andMe –

In early October, a threat actor exploited credential stuffing to access approximately 14,000 23andMe user accounts. While no data security incident within 23andMe’s systems occurred, the compromised accounts were used to access DNA Relatives profiles (around 5.5 million) and Family Tree feature profiles (about 1.4 million). The company responded by notifying all customers, requiring password resets, and implementing two-step verification for enhanced security.

Mint Mobile –

The mobile virtual network operator that offers budget mobile plans disclosed a
recent data breach, notifying customers about unauthorized access to limited customer information, including names, telephone numbers, email addresses, SIM serial numbers, and IMEI numbers. While credit card numbers were not exposed, the breach raises concerns about potential SIM swap attacks due to the sensitive data accessed. Mint Mobile asserts that passwords, protected with “strong cryptographic technology,” remain uncompromised, but the extent of hashed password access is unclear from the statement. The exposed information poses a risk for threat actors to conduct SIM swapping attacks and gain unauthorized access to online accounts through password resets and OTP codes, commonly employed in cryptocurrency exchange breaches.

Real Estate Wealth Network –

This incident involved data exposure of 1.5 billion records in an unprotected database, revealing details on property owners, investors and sellers. A cybersecurity researcher said the exposed information included details on celebrities and politicians, such as Kylie Jenner, Blake Shelton, Britney Spears, Elon Musk & Associates LLC, Dolly Parton, and Nancy Pelosi. The researcher points out that while property tax records in the US are considered semi-public, full public access to ownership information is typically not available, Security Week reports. An exposure of this type could create a risk to the safety and security of high-profile figures and could also lead to property and mortgage fraud.

Cost of a Data Breach

The cost of a data breach or cyberattack can have profound financial repercussions for organizations. Beyond immediate financial losses, there are often long-term consequences such as reputational damage and customer trust erosion, which can lead to a decline in business. Investing in robust cybersecurity measures becomes not just a necessity for protecting sensitive data but also a strategic imperative for safeguarding the overall health and sustainability of an organization.

  • $4.45 million – global average cost of a data breach in 2023, a 15% increase over 3 years.
  • 51% of organizations are planning to increase security investments as a result of a breach
  • $1.76 million – average savings for organizations that use security AI and automation extensively compared to organizations that don’t.

    Source: IBM Cost of a Data Breach Report 2023

How Secuvy Protects Your Data

In the face of escalating cybersecurity threats, preventing data breaches has become a paramount concern for organizations. Secuvy addresses this urgent need with its advanced self-learning AI platform, facilitating a shift from reactive to proactive data management. The platform significantly reduces risk by discovering, classifying, and protecting sensitive data, aiding in certifications such as SOC2, ISO, 27001, 27701, and compliance with global privacy laws. Unlike traditional approaches, Secuvy’s dynamic and adaptive dimension ensures swift detection of anomalous patterns, constant refinement of security measures, and autonomous analysis of colossal data volumes.

The Secuvy Platform provides:

  • Contextual Data Lineage – Expose intricate data interdependencies amongst individuals, departments, and 3rd parties. Secuvy builds a graph of relationships highlighting potential exposure and data risk.
  • Data Loss Prevention – AI-driven data loss prevention intelligently identifies, classifies, and protects sensitive data across various platforms. The platform prevents unauthorized access and leaks while ensuring compliance in near real-time, significantly minimizing risks.
  • Data Risk Metrics – Automates data risk metrics to autonomously quantify and evaluate data vulnerabilities. This streamlines risk assessment, enhances accuracy, and facilitates data-driven decision-making for improved security measures and data risk remediation.Contextual Data Deletion – Data deletion is a secure and irreversible removal of specific information from files, databases, and Software-as-a- Service (SaaS) applications. Automated data deletion minimizes the risk of data breaches, supports regulatory compliance, and upholds the principles of privacy by design.
  • Continuous Discovery – With persistent monitoring, differential scans detect dark data. Locate hidden, unmanaged data for better compliance, security, and operational efficiency at Petabyte scale.

Contact us today to schedule a demo and see how Secuvy can protect your organization from breaches and attacks in 2024 and beyond!