Wrap Up of All Major Cybersecurity Incidents in 2023

There has been a 600% increase in cyber attacks ever since the pandemic. In fact, cybercrimes will cost the world around $10.5 trillion annually by 2025. Therefore, 2023 has again remained in the limelight for cyberattacks as the number and scale of attacks grew significantly.

2023 reported thousands of cyber incidents, resulting in millions of data breaches worldwide. Let's wrap up all the major cybersecurity incidents in 2023 we know so far.

List of All Major Cybersecurity Incidents in 2023

Although there are hundreds of thousands of cyberattack incidents reported in 2023, below we have shortlisted the major events that became the highlight of news agencies:

1.      Major Cyberattacks in January 2023

• Twitter Hack: 200 million email addresses of Twitter users were stolen and posted online on the hacker forum.
• T-Mobile Breach: 37 million T-Mobile customers' data was stolen due to the attack on API vulnerability.
• JD Sports Breach: JD Sports, the UK's sports apparel chain, had 10 million customers' data stolen by hackers who succeeded in getting unauthorized access.

2.      Major Cyberattacks in February 2023

• Source Code Breach of GoDaddy:A highly skilled threat actor group carried out a multi-year attack in which they stole the source code of GoDaddy and installed malware on the servers.
• Weee! Data Breach:Weee!, a food delivery service, faced a data breach that compromised the information of 11 million customers.
• PeopleConnect Data Breach:PeopleConnect, the company behind the Instant Checkmate and TruthFinder, reported a data breach of 20 million users' data.

3.      Major Cyberattacks in March 2023

• ChatGPT Vulnerability: OpenAI detected the vulnerability in ChatGPT that could allow users to view other active users' names, payment addresses, emails, credit card last four digits, and credit card expiration dates. However, OpenAI took ChatGPT offline and fixed the vulnerability in a short period.
• Latitude Financial Data Breach: The Australian financial services company Latitude Financial faced a cyberattack leading to the data breach of 14 million customer records.
• AT&T Data Breach: AT&T, the provider of telecommunication services, faced a data breach due to a hack on their marketing vendor. The breach resulted in the theft of 9 million customers' data.

4.      Major Cyberattacks in April 2023

• American Bar Association Hacked:The ABA faced a severe data breach where the hackers were able to steal 1.4 million members' credentials.
• ICICI Bank Data Leaked: ICICI Bank, valued above $76 billion, leaked sensitive data of millions of its clients due to misconfiguration of the bank's systems.
• Philippine Police Data Breach: The database of Philippine Police containing 800 gigabytes of information and 1.2 million police records was breached.

5.      Major Cyberattacks in May 2023

• MCNA Attack:MCNA Insurance Company, an insurance provider, faced a data breach of around 8.9 million patients. The breach caused impacts on over 100 organizations.
• Luxottica Hack: Luxottica, the well-known eyewear company, got hacked and caused the exploitation of over 70 million customers' data.

6.      Major Cyberattacks in June 2023

• TSMC Ransomware Attack:TSMC, the world's largest chip manufacturer, site got hacked by the LockBit ransomware gang, which later demanded a $70 million ransom.
• MOVEit Data Breach: MOVEit, a globally used corporate file transfer tool, got a noisy breach. Its zero-day SQL injection vulnerability caused attackers to victimize both business organizations and government institutes and steal sensitive data. This breach also led to a series of attacks on associated organizations, causing millions of data breaches.
• Enzo Biochem Data Breach:Enzo Biochem, a reputed life sciences and biotechnology company, had to deal with unauthorized access to its computer systems. It led to the breach of 2.5 million individuals' social security numbers and personally identifiable information.

7.      Major Cyberattacks in July 2023

• Revolut Hacked:Revolut, a fin-tech company, was hacked due to software vulnerability in its payment systems. Hackers were able to steal $20 million.
• Microsoft Hack:The Microsoft email accounts of around 25 organizations, including US government agencies, were compromised due to the software vulnerability. The attack is referred to as Storm-0558.
• HCA Data Breach:HCA, one of the US's largest healthcare providers, had a data breach from its external storage location. The breach compromised the data of 11 million patients.
• Egyptian Ministry of Health and Population Data Breach:A threat actor claimed to have access to 2 million records from the Egyptian Ministry of Health and Population.
• Indonesian Passport Holders Data Breach:Bjorka, an infamous hacktivist, made the personal data of 35 million Indonesian passport holders for sale on the dark web for $10,000.

8.      Major Cyberattacks in August 2023

• Duolingo Data Breach: Duolingo, a popular language-learning platform, faced a data breach that exposed the information of 2.6 million Duolingo users.
• Colorado Department of Higher Education Ransomware Attack:The Colorado Department of Higher Education had a ransomware attack and a data breach, resulting in exposing 13 years of data from 2004 to 2020.
• Pôle emploi Data Breach: Pôle emploi, a French employment agency, got hit with MOVEit vulnerability. It resulted in the breach of 10 million people's data.

9.      Major Cyberattacks in September 2023

• MGM Resorts and Caesars Entertainment Cyberattacks:MGM Resorts and Caesars Entertainment, the two largest casino owners in Las Vegas, were victims of cyberattacks. As per reports, The Caesars' customer database and MGM's hotel reservations system were compromised, which even led MGM's IT system to remain down for 10 days.

Wrapping Up

Cyberattacks are linked to technological advancements. As new technological innovations are growing aggressively, cybercriminals are also finding new advanced ways to find vulnerabilities and make an impact. Moreover, the 2020 Global Risk Report by the World Economic Forum states the rate of detection is just 0.05% in the U.S.

Therefore, the above 2023 summary of cybersecurity incidents is proof of the aggressiveness of cybercriminals. So, we cannot predict that 2024 will be a safer year, as the trends and statistics show no sign of slowing down.

Contact us to arrange for a review of your current IT security.