Six-month update on data breaches 2023

Data breaches have been on the rise for several years, and 2023 has been no different. They have affected companies and organisations of all shapes, sizes, and sectors, and they’re costing businesses across the world millions in damages. The US Government, Discord, and Twitter have all disclosed cybersecurity attacks over the past six months.

High-profile data breaches include:

May 12 - US Government Data Breach

Personal information pertaining to 237,000 US government employees has reportedly been exposed in a Department of Transport data breach. The breached system is reportedly used to process “TRANServe transit benefits”, which are effectively transport expenses that government employees commuting into offices can claim back. The Department of Transport said that it had “isolated the breach to certain systems at the department used for administrative functions”. No systems that deal with transportation safety have been affected.

May 12 - Discord Data Breach

Messaging and video chatting platform Discord has told users that their information may have been exposed in a data breach after a malicious actor gained access to it via “a third-party customer service agent”. Discord has told users that their email addresses and customer service queries – as well as any documents sent to Discord – may have been accessed. The customer service agent’s account has been locked and the company is in the process of ensuring that no persistent threat remains on their devices or network.

May 1 - T-Mobile Data Breach

T-Mobile has suffered yet another data breach, this time affecting around 800 of the telecom provider’s customers. According to recent reports, customer contact information, ID cards, and/or social security numbers were scraped from PIN-protected accounts, as well as other personal information pertaining to T-Mobile customers. A data breach notification letter sent out to customers by T-Mobile, and since published, details the full extent of the data accessed by the threat actors.

Unfortunately, this is T-Mobile’s ninth data breach since 2018 and its second this year already. In early January 2023, T-Mobile discovered that a malicious actor had gained access to its systems in November last year and stolen personal information, like names, emails, and birthdays, from over 37 million customers. Once the company identified the data breach, it was able to track down the source and contain it within a day.

April 10 - Pizza Hut/KFC Data Breach

Yum! Brands has informed a number of individuals that their personal data was exposed during a ransomware attack that took place in January of this year. The hospitality giant confirmed that names, driver’s license, and ID card information were stolen. An investigation into whether the information has already been used to commit fraud is currently underway.

April 6 - MSI Data Breach/Ransomware Attack

Computer vendor Micro-Star International has suffered a data breach, with new ransomware gang Money Message claiming responsibility for the attack. The group says it has stolen 1.5TB of information from the Taiwanese company’s systems and wants $4 million in payment, threatening to release the data if MSI fails to pay.

A member of the ransomware gang said to an MSI agent in a chat: “Say to your manager, that we have MSI source code, including framework to develop bios, also we have private keys able to sign in any custom module of those BIOS and install it on PC with this bios.”

March 24 - ChatGPT Data Leak

A bug found in an open-source library used by ChatGPT caused the chatbot to leak the personal data of customers, which included some credit card information and the titles of some chats they initiated. “In the hours before we took ChatGPT offline,” OpenAI said after the incident, “it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time.”

January 4 - Twitter Data Breach

Twitter users’ data was continuously bought and sold on the dark web during 2022, and it seems 2023 is going to be no different. According to recent reports, a bank of email addresses belonging to around 200 million Twitter users is being sold on the dark web right now for as little as $2. The data is still being leaked by various threat actors.

How do I prevent my organisation from data breaches?

Prevention is the best protection when it comes to cyber security. Although 80% of data breaches are caused by external actors, rigorous training of staff to help them recognise phishing emails and malicious activity is a must. The IBM Cyber Security Intelligence Index Report states: “human error is a major contributing cause in 95% of all breaches. Human errors, meaning breaches caused unintentionally through negligent actions of employees or contractors, were responsible for 21% of breaches in organisations.”

In addition, unauthorised access to networks is often facilitated by weak business account credentials. So, whilst passwords are still in use, a password manager will allow users to create robust passwords that are sufficiently long and different for every account held. However, additional security measures, like 2-Factor Authentication, are needed wherever possible to create a second line of defence.