As we conclude 2023, it's time to pause and reflect on the dynamic landscape of cybersecurity. The year has been far from calm, with a series of impactful incidents that demand our attention. To help make sense of it all, the Gramax Cybersec team has put together a comprehensive blog reviewing the major cybersecurity attacks and breaches of 2023. Let's explore the key cyber incidents, lessons learned, and trends that shaped the year, aiming to equip ourselves for more effective cyber risk management in the next year.
[NOVEMBER 2023]
Tri-City Medical Center Ransomware Attack
On November 9, Tri-City Medical Center fell victim to a ransomware attack, causing a significant disruption to its emergency services. While the scale of the attack may not have been massive in terms of the number of affected individuals, the impact was noteworthy. The hospital, facing unauthorized activity on its computer network, had to shut down critical equipment, leading to the inability to accept patients through the 911 system. This incident reveals the heightened vulnerability of medical facilities, with potentially life-threatening consequences due to cybercriminal activities targeting older software systems crucial for patient care.
[OCTOBER 2023]
Largest-Ever DDoS Attack
October witnessed the largest distributed denial of service (DDoS) attack on record, with internet giants including Google and Amazon issuing warnings about the escalating sophistication of such attacks. The DDoS attacks reached an unprecedented peak of 398 million requests per second, exploiting a zero-day vulnerability and employing a novel HTTP/2 "Rapid Reset" technique. These attacks pose a severe threat to internet-facing websites and services, aiming to overwhelm them with fake data requests.
[SEPTEMBER 2023]
DarkBeam Data Leak
On September 18, 2023, Bob Diachenko, the CEO of the cybersecurity news site SecurityDiscovery, alerted DarkBeam, a digital protection company, to a massive data leak. An unprotected Elasticsearch and Kibana interface exposed a staggering 3.8 billion records. Intriguingly, these records were compiled from previous data breaches, serving as a repository for informing DarkBeam's customers about potential security incidents. Although the data originated from previous breaches, the sheer volume exposed posed a substantial risk of phishing campaigns and identity-related scams.
[AUGUST 2023]
UK Electoral Commission Cyber-Attack
In a notable incident on August 8, 2023, the UK's Electoral Commission fell victim to a "complex cyber-attack." Malicious actors gained unauthorized access to the electoral registers, compromising the personal information of approximately 40 million individuals. The breach involved accessing Electoral Commission servers containing emails, control systems, and copies of electoral registers from 2014 to 2022. The registers included voters' names, addresses, and birthdates. Security researcher Kevin Beaumont revealed that the Commission was running an unpatched version of Microsoft Exchange Server, making it vulnerable to ProxyNotShell attacks during the incident.
[JULY 2023]
Tigo Video Chat Platform Data Leak
In July, the Chinese video chat platform Tigo experienced a significant data breach, impacting over 700,000 users. The compromised data included names, genders, email addresses, IP addresses, profile pictures, and private messages. The breach raised concerns about data privacy practices and potential misuse of the exposed information.
[JUNE 2023]
Oregon and Louisiana Department of Motor Vehicles Compromise
In June 2023, both the Oregon and Louisiana Departments of Motor Vehicles (DMVs) reported cyber-attacks resulting from a MOVEit software vulnerability. Louisiana's OMV disclosed that at least six million records, including driver's license information, were stolen. The breach, attributed to a third-party software provider, left the full extent of the damage undetermined. On the other hand, the Oregon DMV revealed that an estimated 3.5 million driver's licenses and identity card details were compromised.
[MAY 2023]
Luxottica Cyber-Attack
Luxottica, the world's largest eyewear company, fell victim to a major cyber-attack in May. The breach exposed 74.4 million unique email addresses and 305 million records, including customers' full names, email addresses, home addresses, and dates of birth.
[APRIL 2023]
Shields Health Care Group Cyber-Attack
In late April, Shields Health Care Group, a Massachusetts-based medical services provider, reported a cyber-attack that compromised the personal data of 2.3 million people. The stolen data included patients' social security numbers, dates of birth, home addresses, healthcare provider information, and billing details.
[MARCH 2023]
Latitude Financial Data Breach
In March 2023, Latitude Financial, a Melbourne-based financial services company, suffered the largest confirmed data breach of the year. Over 14 million records were compromised, including almost 8 million driver's licenses, 53,000 passport numbers, and numerous financial statements. The company initially reported only 300,000 affected individuals, revealing a poor understanding of the breach's scope.
[FEBRUARY 2023]
PeopleConnect Data Breach
PeopleConnect, a background check services provider, along with TruthFinder and Checkmate, confirmed a data breach affecting 20 million individuals. The leaked 2019 backup database contained hashed passwords, email addresses, and full names. This incident exposed sensitive personal information, heightening concerns about data security and the potential for identity theft.
[JANUARY 2023]
Twitter Data Breach
The year started with a notable cyber incident as the criminal hacker 'Ryushi' leaked over 400 million Twitter users' email addresses. While no other personal information was compromised, the exposure of email addresses raised significant privacy risks, especially for high-profile individuals susceptible to phishing or privacy invasions.
Beyond the Headlines!
While the comprehensive review of cybersecurity incidents in 2023 outlined major monthly attacks, it is crucial to acknowledge that the landscape is even more extensive, with additional incidents shaping the ever-evolving threat environment. Beyond the monthly highlights, the cybersecurity landscape witnessed prominent cloud infrastructure exploits, compromising databases and applications hosted by leading cloud service providers. Additionally, a surge in healthcare ransomware attacks disrupted critical medical interventions, underscoring the vulnerability of the healthcare sector to cyber threats. The year also saw the emergence of AI-powered phishing campaigns, where malicious actors harnessed artificial intelligence to orchestrate highly sophisticated attacks that outpaced conventional security measures. These incidents, although not explicitly mentioned in the monthly breakdown, further emphasize the diverse and pervasive nature of cyber threats that organizations across industries must confront and fortify against for robust cybersecurity in the coming years.
The Way Forward
To navigate the complexities of the digital realm in the coming years, organizations must prioritize a multi-faceted approach. Firstly, investing in cutting-edge cybersecurity technologies, such as advanced threat detection systems and artificial intelligence-driven security measures, is crucial to stay ahead of increasingly sophisticated attacks. Additionally, fostering a culture of cybersecurity awareness and education among employees is paramount, as human error remains a significant vulnerability. Regularly updating and patching software vulnerabilities, as highlighted by incidents like the UK Electoral Commission breach, is a non-negotiable aspect of cyber hygiene. Collaborative efforts between governments, industries, and cybersecurity experts can further enhance information-sharing and collective defense strategies. As we step into 2024, a commitment to staying agile, informed, and collaborative will be key to navigating the ever-changing cybersecurity landscape successfully.