A Retrospective on Data Breaches and Cyber Attacks in 2023

We are decades into the global digital revolution. The trajectory and momentum of technology innovation show no signs of slowing, which is both good and bad. It is good that technology continues to advance in ways to connect and work. It is bad in that the same advances that provide benefits are exploited to collect sensitive information and do harm.

As this year ends, we reviewed some noteworthy breaches in 2023. Incidents throughout 2023 impacted various industries, from hospitality to healthcare, from telecom to television, software, hardware, social media, online services, municipalities, and nation-states, including their organizational entities, have all fallen victim in one form or another.

• MGM Resorts International suffered a crippling attack on multiple aspects of its infrastructure, taking down systems for many days. BlackCat, a hacker group, exploited vulnerabilities in ESXi Hypervisors, seizing control of MGM systems and then taking down websites, hospitality management, in-casino services, and other systems. Caesars Entertainment also suffered an attack by the same group that stole personally identifiable information, including social security numbers, from a customer loyalty database.
• Numerous healthcare-related companies have been victimized by cyber breaches this past year. Henry Schein, the Dental and Medical Supplies and Services supplier, suffered a Ransomware attack, acknowledging in October that a "portion of its manufacturing and distribution businesses experienced a cybersecurity incident." A month later, the company provided breach notification to customers about credit card and banking information, which may have been compromised. Ardent Health Services, Prospect Medical Holdings, and Lehigh Valley Health Network are just three providers of hospitals and healthcare centers that suffered Ransomware attacks affecting patient care in hundreds of facilities.
• Dish Network revealed in an 8-K filing with the SEC (Securities and Exchange Commission) that the company suffered outages and leaked personal information, likely due to a Ransomware attack. T-Mobile suffered from two cybersecurity breaches. In the first, related to an exploit of an API (Application Programming Interface), customer names, billing and email addresses, phone numbers, dates of birth, account numbers, service details, and plan features were exfiltrated by hackers. In the second, the breach included mobile account PINs, social security numbers, government IDs, dates of birth, balance due, and other data.
• Governments are always on Cyber Defense. They must be right 100% of the time to guarantee security. Meanwhile, hackers only have to be right once to show that nobody is safe from cyber risk. This year, two notable incidents took place. First, a computer at The United States Marshall Service fell victim to a Ransomware Attack. Fortunately, that threat was immediately isolated to a single system, and limited information was leaked. The second was a breach of the FBI Infragard program, a collaborative effort between the FBI and the private sector. Contact information for members and Special Agents was leaked. Once the root cause of the breach was uncovered, the program was locked down, and all members were re-vetted by the FBI using added screening and security.
• Online DNA testing provider 23andMe suffered a breach from a credential stuffing exploit. This exploit resulted in the initial exfiltration of personally identifiable information on 5.5 million customers. It expanded to an additional 1.4 million users identified as a genetic relation through exploiting the platform's Family tree feature.
• Online file transfer service MOVEit fell victim to a Zero Day exploit. Hackers took advantage of a flaw to gain access to servers and used this access to steal user's files uploaded through the system.
• Microsoft and other major online service providers suffered significant Denial of Service Attacks. This led to the US Cybersecurity and Infrastructure Agency (CISA) issuing public advisories on mitigation.

Endpoint Detect and Response software, Security Incident Event Management, and SaaS (Software as a Service) backup are just a few solutions that improve your cyber defenses to mitigate breaches like those highlighted this year.

Contact Us if you would like to discuss any of these solutions or would simply like to speak with experts about the cyber hygiene or breach preparedness for your business.