The Biggest Cybersecurity Incidents of 2023
The year 2023 has witnessed an alarming surge in the frequency and severity of data breaches, leaving a trail of compromised personal information and disrupted operations in its wake. These cyberattacks have targeted a diverse range of organizations, including government agencies, healthcare providers, and multinational corporations, highlighting the pervasiveness of cybersecurity threats in today’s digital landscape.
23andMe data leak
In October 2023, the genetic testing company 23andMe disclosed that the data of potentially millions of its customers had leaked. The data was not exfiltrated through a system intrusion, but rather through credential stuffing attacks and the use of a feature on the site that allows users to search for “DNA Relatives.” The company confirmed a trove of user data had been stolen from its website, including names, years of birth, and general descriptions of genetic data. The data related to hundreds of thousands of users of Chinese descent and primarily targeted Ashkenazi Jews. A hacker claiming to have stolen the data posted millions more records for sale on the platform BreachForums, TechCrunch reports.
Twitter 235 Million Accounts Leaked
Records of 235 million Twitter accounts and the email addresses used to register them were posted to an online hacking forum, setting the stage for anonymous handles to be linked to real-world identities, later fixed in January 2022. Researchers warned that the email addresses, which included the details of politicians, journalists and public figures, could be used to dox pseudonymous accounts.
ICMR Indian Council of Medical Research
In October 2023, the Indian Council of Medical Research (ICMR) disclosed a massive data breach that exposed the personal information of over 815 million people. The breach, which is believed to be one of the largest in history, included sensitive data such as names, addresses, phone numbers, and email addresses. Several opposition parties and experts pointed out that this is not the first time an Indian government server had been breached and citizens’ personal data compromised.
UK Electoral Commission Data Breach
In August 2023, the UK election watchdog announced that hackers broke into the Electoral Commission IT systems in August 2021 and had access to sensitive data until they were discovered and removed in October 2022. The unnamed attackers accessed Electoral Commission email correspondence and could have viewed databases containing the names and addresses of 40 million registered voters, including millions of those not on public registers. It’s not yet been revealed who carried out the intrusion or how the commission was breached.
DarkBeam Data Breach
The DarkBeam data breach was a massive cybersecurity incident that occurred in September 2023. It was revealed that a hacker group known as DarkBeam had amassed a database of over 3.8 billion stolen records. The database is believed to be one of the largest collections of stolen data ever discovered and includes email addresses and passwords from previously reported and non-reported data breaches. This information could be used by criminals for a variety of purposes, such as identity theft, fraud, and phishing attacks.
Sony Data Breach
In October, news leaked that Sony had told current and former employees and their family members about a cybersecurity breach that exposed personal information. This was confirmed by a Data Breach Notification submitted in Maine. It was likely fallout from the attack on Sony that was claimed by the Cl0p ransomware gang in June. While the FBI has warned of multiple ransomware attacks on the same victim, neither of these ransomware groups is on its list of ransomware variants that are used in these double attacks, so it is doubtful that this was the play here.
Hot Topic Cyber Attacks
Hot Topic announced that it had been hit by a wave of credential-stuffing attacks from February to June 2023. According to the retailer, “suspicious login activity” on its rewards platform led to the cyber attacks being discovered. The attacks may have allowed the malicious actors responsible to access sensitive customer information. Following an investigation into the data breach, Hot Topic found that legitimate credentials were used in the attack, but that these credentials were obtained from an “unknown third-party source”, not Hot Topic itself.
Lapsus$ – The Teenage Hacker
A court found that an 18-year-old from Oxford was part of an international cyber-crime gang responsible for a hacking spree against major tech firms this year. Arion Kurtaj was a key member of the Lapsus$ group, which hacked the likes of Uber, Nvidia and Rockstar Games. The group first made headlines when it waged a ransomware attack against the Brazilian Ministry of Health in December 2021, compromising the COVID-19 vaccination data of millions within the country. It had targeted a number of high-profile technology companies, stealing data from Nvidia, Samsung, Microsoft, and Vodafone.
The data breaches of 2023 serve as a stark reminder of the evolving cybersecurity landscape and the increasing sophistication of cyberattacks. Addressing the root causes of security breaches requires a multifaceted and proactive approach. Technical vulnerabilities, human factors, inadequate policies, and third-party risks collectively contribute to the complexity of the cybersecurity landscape. Organizations must adopt a comprehensive strategy that includes regular software updates, robust security policies, continuous employee training, and diligent oversight of external partnerships. By acknowledging and addressing these root causes, we can collectively work towards building resilient digital ecosystems that safeguard sensitive information and preserve the integrity of our interconnected world.
Monitoring Remote Sessions
With more employees working from home, companies are seeking ways of monitoring remote sessions. One compelling case can be made for recording remote sessions for later playback and review. Employers are concerned that in the event of a security breach, they won’t be able to see what was happening on users’ desktops when the breach occurred. Another reason for recording remote sessions is to maintain compliance, as required for medical and financial institutions or auditing for business protocols, etc.
TSFactory’s RecordTS v7 will record Windows remote sessions reliably and securely for RDS, Citrix and VMware systems. Scalable from small offices with one server to enterprise networks with tens of thousands of desktops and servers, RecordTS integrates seamlessly with the native environment.