The past year has been marked by several very serious breaches of data. We’ve reported on the ransomware attack on the British Library, the attack on Royal Mail, and showed how an attack on one IT firm affected whole chains of house sales. Just last month, the Joint Committee on the National Security Strategy produced a damning report on the failure to plan for and tackle this problem.
Attacks are, of course, not restricted to the UK. In looking at what’s happening elsewhere, what’s especially striking is that even tech companies and cybersecurity providers fell victim to cyberattacks in 2023.
But, says Carlos Salas, a cybersecurity expert at network access security service NordLayer, ‘We can learn from past mistakes. While the future can bring various threats, the least you can do is stay informed.’
In what follows, Carlos shares his view of what’s been happening, provides advice on how to stay protected and – perhaps most importantly – tells us what to do if we experience a data breach.
MailChimp data breach
This breach was executed through a social engineering attack on MailChimp employees and contractors, which enabled the attackers to obtain employee credentials. There was no indication that this stolen data was then misused or exploited but there have obviously been concerns about it happening at all.
‘Such information might be used in deliberate phishing attempts to get login passwords or implant malware,’ says Carlos.
Activision data breach
Video game publisher Activision is known for games such as Call of Duty and World of Warcraft, and experienced a data breach in early December 2022 – though news of this emerged in February 2023. Attackers successfully used an SMS phishing attack on an employee to access the company’s internal systems. It’s understood that the targeted employee was in the human resources department and so had access to significant levels of sensitive employee information. As a result, workplace information and plans for the Call of Duty franchise were exploited.
ChatGPT data breach
This data breach wasn’t directly caused by a threat actor. Instead, it was the result of a bug in the Redis open-source library that exposed some 1.2% of the personal information and chat titles of ChatGPT Plus subscribers. However, this vulnerability was then inadvertently exploited due to a server-side change introduced by OpenAI.
MOVEit data breach
This significant cybersecurity incident in May 2023 involved a zero-day, critical-rated vulnerability in MOVEit Transfer. That allowed attackers, particularly a ransomware and extortion gang called Cl0p, to raid the MOVEit Transfer servers and steal sensitive customer data. So far, the estimated total cost of the MOVEit mass-attacks is some $9.9 billion, based on the average cost of data breaches and the number of individuals affected. That figure could potentially scale to at least $65 billion.
JumpCloud data breach
Here, the breach was the result of intrusion by sophisticated nation-state actors. These attackers accessed JumpCloud’s systems to target a small and specific set of customer accounts. The attack vector was a highly targeted data injection into the commands framework. The extent of the damage and the specific details about the customers impacted have not been fully disclosed but this breach highlights the importance of robust cybersecurity measures against sophisticated and persistent nation-state actors.
UK Electoral Commission data breach
The Electoral Commission, an independent body overseeing elections and regulating political finance in the UK, fell victim to a sophisticated, long-term cyber-attack, which made the news in August 2023. This attack unauthorised access to internal emails, control systems and copies of electoral registers, which contain voter data.
T-Mobile data breach
In September 2023, T-Mobile experienced a significant data breach involving employee and customer data exposure. Just part of a series of security lapses, the breach revealed T-Mobile employee information and exposed customer details through a glitch in the T-Mobile app. While initially downplayed, reports later indicated that millions of customers’ data had potentially been compromised.
Carlos says: ‘This incident underscores the persistent cybersecurity challenges faced by large corporations, emphasizing the need for robust and continually updated security measures.’
How can you protect your business from data breaches?
Carlos says: ‘To prevent a potential data leak or breach, follow strong password policies and enable two-factor authentication. Also, educate your employees about social engineering attacks and how to recognise a phishing attempt.
‘However, if you experience a data breach, make sure to communicate, inform state authorities and never try to hide it.’
For more analysis, see Nordlayer’s breakdown of the 11 most significant data breaches of 2023.
In related news:
Leave a Reply