This year was marked by a number of significant data breaches that affected the cybersecurity industry. Surprisingly, even tech companies or cybersecurity providers fell victim to cyberattacks in 2023.
Carlos Salas, a cybersecurity expert at NordLayer, shares his take on these attacks: “It is important to evaluate what had happened before so that we can learn from past mistakes. While the future can bring various threats, the least you can do is stay informed.” Salas also gives advice on how to stay protected and what to do when experiencing a data breach.
MailChimp data breach
The breach was executed through a social engineering attack on MailChimp employees and contractors, enabling attackers to obtain employee credentials. Although there was no indication that the stolen data had been misused, there were concerns that it could be. “Such information might be utilised in deliberate phishing attempts to get login passwords or implant malware,” Salas says.
Activision data breach
Activision, a video game publisher known for games like Call of Duty and World of Warcraft, experienced a data breach in early December 2022, which surfaced only in February 2023. Attackers accessed the company’s internal systems through an SMS phishing attack on an employee. Supposedly, the targeted employee belonged to the human resources department and had access to a significant amount of sensitive employee information. As a result, workplace information and Call of Duty franchise plans were exploited.
ChatGPT data breach
The data breach was caused by a bug in the Redis open-source library, which exposed the personal information and chat titles of about 1.2 per cent of ChatGPT Plus subscribers. The breach was not directly caused by a threat actor: the bug was inadvertently triggered by a server-side change introduced by OpenAI.
MOVEit data breach
This data breach in May 2023 was a significant cybersecurity incident. It involved a zero-day vulnerability in MOVEit Transfer. This critical-rated vulnerability allowed attackers, particularly Cl0p, a ransomware and extortion gang, to raid the MOVEit Transfer servers and steal the sensitive customer data stored within. The estimated total cost of the MOVEit mass-attacks so far is about $9.9bn, based on the average cost of data breaches and the number of individuals affected. This figure could potentially scale to at least $65bn.
JumpCloud data breach
The breach was the result of a sophisticated nation-state actor’s intrusion. The attackers accessed JumpCloud’s systems to target a small and specific set of customer accounts. The attack vector was a data injection into the commands framework, and it was highly targeted. The extent of the damage and the specific details about the customers impacted have not been fully disclosed, but the breach highlights the importance of robust cybersecurity measures against sophisticated and persistent nation-state actors.
UK Electoral Commission data breach
The Electoral Commission, an independent body overseeing elections and regulating political finance in the UK, fell victim to hostile actors in August 2023. This complex cyberattack involved unauthorised access to internal emails, control systems, and copies of electoral registers, which contain voter data.
T-Mobile data breach
In September 2023, T-Mobile experienced a significant data breach involving employee and customer data exposure. The breach, part of a series of security lapses, revealed T-Mobile employee information and exposed customer details through a glitch in the T-Mobile app. While initially downplayed, reports later indicated the potential compromise of millions of customers’ data. Carlos says: “This incident underscores the persistent cybersecurity challenges faced by large corporations, emphasising the need for robust and continually updated security measures.”
How can you protect your business from data breaches?
“In order to prevent a potential data leak or breach, follow strong password policies and enable two-factor authentication. Also, educate your employees about social engineering attacks and how to recognise a phishing attempt. However, if you experience a data breach, make sure to communicate, inform state authorities, and never try to hide it,” adds Salas.
Carlos Salas is head of platform engineering at NordLayer
© SecuringIndustry.com