{"id":73929,"date":"2023-12-21T12:06:01","date_gmt":"2023-12-21T04:06:01","guid":{"rendered":"https:\/\/version-2.com\/?p=73929"},"modified":"2023-12-14T16:01:15","modified_gmt":"2023-12-14T08:01:15","slug":"breakdown-of-the-11-most-significant-2023-data-breaches","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2023\/12\/breakdown-of-the-11-most-significant-2023-data-breaches\/","title":{"rendered":"Breakdown of the 11 most significant 2023 data breaches"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"73929\" class=\"elementor elementor-73929\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"617\" \/><\/p><article class=\"RichText_root__1_CNu BlogPostContent_richText__rG0U1\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">2023 witnessed a series of impactful data breaches, each leaving a unique mark on cybersecurity. This retrospective dives into these incidents, offering insights and underscoring the evolving challenges in data security.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This article will overview the most intriguing and widely escalated data breaches of every month of 2023. We will also look at the tendencies of cyber-attacks and the forecast for the next year (spoiler alert: it\u2019s going to be hot!).<\/p><h2 id=\"key-facts-of-2023s-data-breaches-we-know-so-far\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Key facts of 2023\u2019s data breaches we know so far<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The year still has a few weeks to go, but everyone is already busy thinking about the holiday season and next year&#8217;s plans. Hopefully, malicious actors are also humans and as busy with end-of-the-year errands as possible, leaving businesses some space to breathe and relax, not thinking about cyber-attacks (unlikely, but we all can dream).<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/konbriefing.com\/en-topics\/cyber-attacks.html#month2023-11\" target=\"_blank\" rel=\"noopener\">KonBriefing Research<\/a> does a colossal job of collecting information about ransomware and cyber-attacks on businesses worldwide. The data they have so far reveal the scope and impact that follows every month.<\/p><p data-testid=\"text\"><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3k3jHFTyNXrwTYGsGYWbnH\/cfbc12664100ab1efb158ced757e3787\/Scheme_1_1400x918.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"711\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Looking into data breach statistics specifically, the total number of breached accounts since 2004 reached a number of over 16.5 billion. According to this <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/surfshark.com\/research\/data-breach-monitoring\" target=\"_blank\" rel=\"noopener\">Surfshark research<\/a>, <b>a single email address is breached approximately 3 times<\/b>.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>The average cost of a data breach worldwide continues to rise steadily<\/b>, reaching 4.45 million U.S. dollars in 2023. According to <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.statista.com\/statistics\/987474\/global-average-cost-data-breach\/\" target=\"_blank\" rel=\"noopener\">Statista<\/a>, the healthcare sector has the highest average cost of a data breach.<\/p><p><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1ek7FZEKuZgFE7JbiqIQmT\/87a63839a014cdfc537e1772f51d7905\/Scheme_2_1400x830.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"640\" \/><\/p><p><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/securityintelligence.com\/x-force\/healthcare-data-breaches-costliest\/\" target=\"_blank\" rel=\"noopener\">IBM Cost of a Data Breach research<\/a> revealed that the <b>healthcare industry had been the leading sector in data breach costs for 12 years in a row<\/b>. In 2022, the average cost of a data breach was $10.10 million. Notably, the overall global cost of such breaches has increased by 15% over 3 years.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>The United States is at the top of the list<\/b> of countries most affected by data breach costs, with an average total cost of\u00a0 $9.48 million per breach. The Middle East follows second with $8.07 million per data breach.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">1 U.S. dollar\u2014this is how much higher the <b>average data breach per record cost will be in 2023, reaching $165<\/b>\/<b>record<\/b> compared to last year\u2019s average cost.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The same IBM research suggests that, <b>on average, companies with incorporated AI and automation solutions save $1.76 million<\/b> compared to organizations that don\u2019t apply similar measures to mitigate data breach risks.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Organizations that <b>don\u2019t follow compliance requirements tend to pay a 12.6% higher average cost <\/b>than companies that have a high level of compliance.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\" target=\"_blank\" rel=\"noopener\">Verizon\u2019s 2023 Data Breach Investigations Report<\/a> revealed that financially motivated external actors induced 83% of breaches. Human error, the most common reason behind successful cyber-attacks, remains a consistent factor in 2023, with <b>a human element present in<\/b> <b>74% of breaches<\/b>.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Verizon research also listed <b>system intrusion as the most popular pattern of breaches<\/b>. Basic web application attacks, social engineering, miscellaneous errors, privilege misuse, and lost and stolen assets follow it.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Let\u2019s dive into the latest data breach news that happened in 2023. This overview is based on publicly available information about data breaches and is subject to change as more new findings are discovered and revealed over time.<\/p><h2 id=\"january-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">January 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">MailChimp data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"Image_autoHeight__eDTAt Image_autoWidth__spy21 RichText_image__z9xEG\" style=\"color: transparent;\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp\" sizes=\"(max-width: 1280px) 100vw, 50vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=384&amp;q=75&amp;fit=fill&amp;fm=webp 384w, https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=600&amp;q=75&amp;fit=fill&amp;fm=webp 600w, https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=640&amp;q=75&amp;fit=fill&amp;fm=webp 640w, https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=750&amp;q=75&amp;fit=fill&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp 828w, https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp 1280w\" alt=\"01 Data-breach-profiles 1400x1036\" width=\"0\" height=\"0\" data-nimg=\"future\" \/><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/646ri5oJczR2Gy8L1pyO3m\/e51182f137f9f7e0b334262727bffda5\/01_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p>MailChimp, an Intuit-owned email marketing platform, suffered a data breach. The breach occurred on January 11, 2023, when an unauthorized actor accessed Mailchimp\u2019s tools used by teams interacting with customers.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The actor gained access to a tool used for internal customer service and account management, compromising the data of 133 customers\u200b\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/mailchimp-discloses-new-breach-after-employees-got-hacked\/\" target=\"_blank\" rel=\"noopener\">breach<\/a> was executed through a social engineering attack on MailChimp employees and contractors, enabling attackers to obtain employee credentials.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This incident was first detected when MailChimp noticed an unauthorized person accessing their support tools on January 11. MailChimp temporarily suspended access for accounts exhibiting detected suspicious activity to protect users&#8217; data.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">MailChimp notified the primary contacts for all affected accounts on January 12, less than 24 hours after the initial discovery\u200b\u200b\u200b\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">MailChimp assured that no credit card or password information was compromised in this incident.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">One of the notable <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/techcrunch.com\/2023\/01\/18\/mailchimp-hacked\/?guccounter=1&amp;guce_referrer=aHR0cHM6Ly93d3cuYmxlZXBpbmdjb21wdXRlci5jb20v&amp;guce_referrer_sig=AQAAAEUL9jbHtE8IMXsJGlkVSkL9cv2zIHblHUfpHUR15QNlEaKn1cMM_lqvQxXeOlUVEKVnFISswIyl_I4RvNzBCEe3vejqYeIOqnYI5dCfeH9vTVfYiKsiAuXdci2LMOSDd-fdDQUrn0DLlhP4EQoi9G1cxqMb3kqxTRDhf8aMT1DF\" target=\"_blank\" rel=\"noopener\">customers affected<\/a> by this breach was WooCommerce, a popular eCommerce plugin for WordPress. WooCommerce informed its customers that the breach exposed their names, store URLs, and email addresses.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Although there was no indication that the data stolen had been misused, there was a concern. Such data could be used for targeted phishing attacks to steal credentials or install malware\u200b\u200b\u200b\u200b.<\/p><h2 id=\"february-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">February 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Activision data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6uRIy5jH2YuZ9LPxLLVBbW\/a28bd23c671405f8b040c4eb4b331bfd\/02_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Activision, a video game publisher known for games like Call of Duty and World of Warcraft, experienced a <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/techcrunch.com\/2023\/02\/21\/activision-did-not-notify-employees-of-data-breach-for-months\/\" target=\"_blank\" rel=\"noopener\">data breach<\/a> in early December 2022, which surfaced only in February 2023.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Attackers gained access to the company&#8217;s internal systems through an SMS phishing attack on an employee. Supposedly, the targeted employee belonged to the Human Resources department and had access to a significant amount of sensitive employee information\u200b\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Bad actors were able to obtain sensitive employee information, such as full names, email addresses, phone numbers, and financial data like salaries, work locations, and more. The compromised data also included details about upcoming content for the Call of Duty Modern Warfare II franchise.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This breach was not publicly or internally disclosed until screenshots of the stolen data, including the schedule of planned content for Call of Duty, were shared by the cybersecurity and malware research group vx-underground several months after the accident\u200b\u200b\u200b\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Activision&#8217;s response to the breach involved swiftly addressing the SMS phishing attempt and conducting a thorough investigation.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The company initially asserted that no sensitive employee data, game code, or player data was accessed. However, the <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/activision-confirms-data-breach-exposing-employee-and-game-info\/\" target=\"_blank\" rel=\"noopener\">evidence provided<\/a> by vx-underground and &#8216;Insider Gaming&#8217; contradicted this claim, showing that sensitive workplace documents and employee information had indeed been exfiltrated\u200b\u200b.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This delay in notification raised questions about whether Activision complied with data breach notification laws. This is particularly relevant as California, where Activision is headquartered, has specific laws requiring companies to notify victims of data breaches when a significant number of state residents are affected\u200b\u200b.<\/p><h2 id=\"march-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">March 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">ChatGPT data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1uwtOqbsyt0XJDwb9RUuHb\/85b01d8d3c0ce113b70ef9821bc27252\/03_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">In March 2023, ChatGPT, an AI-driven chatbot developed by OpenAI, experienced a significant <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/firewalltimes.com\/chatgpt-data-breaches-openai\/\" target=\"_blank\" rel=\"noopener\">data breach<\/a>.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The data breach was caused by a bug in the Redis open-source library, which led to the exposure of other users&#8217; personal information and chat titles. This bug allowed certain users to view brief descriptions of other users&#8217; conversations from the chat history sidebar.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach wasn\u2019t directly caused by a threat actor but resulted from a vulnerability in the Redis open-source library. This vulnerability was inadvertently exploited due to a server-side change introduced by OpenAI. This changed to a surge in request cancellations and increased the error rate.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach potentially revealed information about 1.2% of ChatGPT Plus subscribers. It included the active user&#8217;s first and last name, email address, payment address, the last four digits of a credit card number, and the expiration date. However, it&#8217;s emphasized that full credit card numbers were not exposed.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The first message of a newly-created conversation might have been visible in someone else&#8217;s chat history if both users were active around the same time. Additionally, viewing other users&#8217; chat history and conversation titles was possible.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">OpenAI promptly <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/openai.com\/blog\/march-20-chatgpt-outage\" target=\"_blank\" rel=\"noopener\">addressed<\/a> the bug soon after its discovery and temporarily shut down the ChatGPT service to manage the issue. The company announced a bug bounty program in April to help detect future issues and prevent similar incidents.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The incident highlighted the potential risks for chatbots and AI technologies and the importance of robust security measures, especially when using open-source libraries.<\/p><h2 id=\"april-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">April 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Shields Healthcare Group data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1vl6SVwgylMjE6Ur9xy4uJ\/8a981f8dee18ceac8f32cd56d547808f\/04_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Shields Healthcare Group is a Massachusetts-based medical services provider. It specializes in MRI and PET\/CT diagnostic imaging, radiation oncology, and ambulatory surgical services. In 2023, the company experienced a significant <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/cybernews.com\/news\/shields-health-care-group-data-breach\/\" target=\"_blank\" rel=\"noopener\">data breach<\/a>.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The data breach involved unauthorized access to Shields\u2019 systems. The breach was detected when suspicious activity suggesting a data compromise was observed.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The exact method used by the attackers to gain access is unclear, but possibilities include exploiting a network software weakness or using a phishing attack to compromise an employee account\u200b<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The attackers accessed a wide range of sensitive patient information and confidential data. This included full names, Social Security numbers, dates of birth, home addresses, provider information, diagnoses, billing information, health insurance information, medical record numbers, patient IDs, and other medical or treatment information.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Approximately 2.3 million people were affected by this breach. Shields\u2019 business model, which involves partnerships with hospitals and medical centers, meant the breach had far-reaching consequences, impacting 56 facilities and their patients.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/cybermagazine.com\/articles\/4-3m-records-compromised-by-cyber-breaches-in-april-2023\" target=\"_blank\" rel=\"noopener\">Upon discovering the breach<\/a>, the healthcare provider took immediate steps to contain the incident. They initiated a thorough investigation with the help of third-party forensic specialists. They secured their systems, including rebuilding certain systems, to prevent further unauthorized access.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Shields has continued reviewing the potentially impacted information and notifying individuals and regulators. Additionally, they have committed to enhancing their data security measures and protections.<\/p><h2 id=\"may-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">May 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">MOVEit data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"Image_autoHeight__eDTAt Image_autoWidth__spy21 RichText_image__z9xEG\" style=\"color: transparent;\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp\" sizes=\"(max-width: 1280px) 100vw, 50vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=384&amp;q=75&amp;fit=fill&amp;fm=webp 384w, https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=600&amp;q=75&amp;fit=fill&amp;fm=webp 600w, https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=640&amp;q=75&amp;fit=fill&amp;fm=webp 640w, https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=750&amp;q=75&amp;fit=fill&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp 828w, https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp 1280w\" alt=\"05 Data-breach-profiles 1400x1036\" width=\"0\" height=\"0\" data-nimg=\"future\" \/><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/7JHu40EIJFRPEVYGiYIjyC\/d5ce36542ad9de5d48ac87fd57f58254\/05_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p>MOVEit Transfer software, a file transfer tool developed by Progress Software, transfers large amounts of often-sensitive data over the internet. It&#8217;s employed by organizations worldwide to manage file transfers, including pension information, social security numbers, medical records, and billing data. The MOVEit <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.theverge.com\/23892245\/moveit-cyberattacks-clop-ransomware-government-business\" target=\"_blank\" rel=\"noopener\">data breach<\/a> of May 2023 was a significant cybersecurity incident.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach involved a zero-day vulnerability in MOVEit Transfer. This critical-rated vulnerability allowed attackers, particularly the &#8220;cl0p&#8221;, a ransomware and extortion gang, to raid MOVEit Transfer servers and steal customers&#8217; sensitive data stored within\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The attackers, identified as the group &#8220;cl0p&#8221;, exploited the MOVEit software vulnerability starting around May 27, 2023. Progress Software became aware of the compromise in the computer systems the next day after a customer noticed strange activity.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">As of August 2023, over 1,000 victim organizations and more than 60 million individuals were impacted by this high-profile data breach.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Victims ranged from New York public school students to Louisiana drivers to California retirees, indicating the vast variety of data compromised\u200b\u200b. Other significant victims included the French government\u2019s unemployment agency, P\u00f4le emploi, multiple federal agencies, and U.S. state departments.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Approximately one-third of hosts running vulnerable MOVEit servers belonged to financial service-related organizations, with significant percentages in the healthcare, IT, government, and military sectors.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The estimated total cost of the MOVEit mass-attacks so far is about $9.9 billion, based on the average cost of data breaches and the number of individuals affected. This figure could potentially scale to at least $65 billion.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Progress Software acknowledged the cyber-attack and focused on supporting its customers. They issued a patch to fix the vulnerability and alerted users to the issue\u200b\u200b.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Not all organizations could deploy the patch in time, resulting in varying levels of <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.wired.com\/story\/moveit-breach-victims\/\" target=\"_blank\" rel=\"noopener\">data compromise<\/a>\u200b. The breach is notable for its scale and the variety of victims affected, demonstrating how a flaw in a single piece of software can trigger a global privacy disaster\u200b.<\/p><h2 id=\"june-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">June 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">JumpCloud data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/5CWyBRjyGr340601QM2pow\/04a8632107d5869514f0b7f7ac67ada2\/06_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">JumpCloud, an identity and access management firm, experienced a <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\" target=\"_blank\" rel=\"noopener\">data breach<\/a> incident in June 2023. The company offers a directory platform that enables enterprises to authenticate, authorize, and manage users and devices.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach was the result of a sophisticated nation-state actor&#8217;s intrusion. The attackers gained access to JumpCloud\u2019s systems to target a small and specific set of customer accounts. The attack vector was a data injection into the commands framework, and it was highly targeted.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The exact number of affected customers and the types of organizations targeted have not been disclosed. However, JumpCloud provides its software to more than 180,000 organizations and counts over 5,000 paying customers, indicating a potentially large impact.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The initial attack was traced back to a spear-phishing campaign initiated on June 22, 2023. The adversaries leveraged domains such as nomadpkg[.]com and nomadpkgs[.]com, likely related to a Go-based workload orchestrator used to deploy and manage containers.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The extent of the damage and the specific details about the customers impacted have not been fully disclosed, but the breach highlights the importance of robust cybersecurity measures against sophisticated and persistent nation-state actors\u200b<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">JumpCloud reset customers&#8217; API keys as a precaution. The company took <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.securityweek.com\/jumpcloud-says-sophisticated-nation-state-targeted-specific-customers\/\" target=\"_blank\" rel=\"noopener\">security steps<\/a> to shield its network, rotating credentials and rebuilding systems. After detecting unusual activity, JumpCloud forced the rotation of all admin API keys and started notifying affected customers\u200b\u200b\u200b\u200b.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The company has published a list of indicators of compromise (IoCs) to help other organizations identify similar attacks and is enhancing its own security measures\u200b<\/p><h2 id=\"july-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">July 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Indonesian Immigration Directorate General data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6SaMZZE1lkiouYA0ya3Jx6\/d1a8a439e121d038ab1c8f72122e85d1\/07_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The Indonesian Immigration Directorate General is responsible for managing immigration-related matters in Indonesia, including issuing and managing passports. In July of 2023, the institution fell victim to a major <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.cpomagazine.com\/cyber-security\/34-million-indonesian-passports-exposed-in-a-massive-immigration-directorate-data-breach\/\" target=\"_blank\" rel=\"noopener\">data breach<\/a>.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The data breach involved the unauthorized access and leakage of passport data of more than 34 million Indonesian citizens. The leaked data included the full names, passport numbers, expiry dates, dates of birth, and genders of the passport holders\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breached data of 34.9 million Indonesian passport holders was offered for sale for $10,000. A sample of the stolen data was also made available on a hacker platform, showcasing passport data from 2009 to 2020. The data is considered valid based on the given sample.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The leaked data potentially included National Identity Community Identity Card (NIKIM) information, a digital identity used to secure electronic passports containing personal data such as names, addresses, and identity numbers\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The specifics of how the breach was achieved were not detailed in the available sources. However, the data was reportedly leaked and sold on the bjork.ai website, indicating that it may have been a sophisticated cyber attack or hacking incident\u200b.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The ministry noted differences in the data structure between the breached data and the data in the national data center, indicating ongoing investigations to understand the extent and nature of the breach\u200b.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The<a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.thejakartapost.com\/indonesia\/2023\/07\/06\/hacker-breaches-data-of-34-million-indonesian-passports.html\" target=\"_blank\" rel=\"noopener\"> available sources<\/a> did not fully detail the outcome of the investigation and the broader impact of the breach. However, the breach underscores the importance of robust cybersecurity measures for government databases, particularly those containing sensitive personal information like passport details.<\/p><h2 id=\"august-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">August 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">UK Electoral Commission data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2Cl9dAs5RekS66JyPyS3Ko\/ba7119d8d37f441b59eb5d9abdfd909f\/08_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The Electoral Commission, an independent body overseeing elections and regulating political finance in the UK, fell victim to hostile actors in August 2023. This complex <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.camden.gov.uk\/electoral-commission-data-breach\" target=\"_blank\" rel=\"noopener\">cyber-attack<\/a> involved unauthorized access to internal emails, control systems, and copies of electoral registers, which contain voter data.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">A malicious actor gained access to the Electoral Commission&#8217;s systems in August 2021, but the breach was only identified in October 2022 after suspicious activity was detected.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The accessed registers held the names and addresses of UK voters registered between 2014 and 2022, including those registered as overseas voters. Notably, the details of anonymous voters were not included in these registers.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Predicting the exact number of people impacted is challenging, but it&#8217;s estimated that the register for each year includes details of about 40 million individuals.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">While the full extent of the damage is not conclusively known, the Electoral Commission acknowledged that they could not determine exactly what files may have been accessed.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The attack is considered to be sophisticated, with hostile actors attempting to use software to evade the systems.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">In response to the breach, the Electoral Commission collaborated with the National Cyber Security Centre (NCSC), law enforcement officials, and external experts to investigate and secure its systems. Subsequently, they have made improvements to the security of their IT systems.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The outcome of this <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.electoralcommission.org.uk\/media-centre\/electoral-commission-subject-cyber-attack\" target=\"_blank\" rel=\"noopener\">breach<\/a> reiterates the vulnerability of democratic institutions to cyber threats. It emphasizes the importance of robust cybersecurity measures, especially for bodies involved in the electoral process.<\/p><h2 id=\"september-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">September 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">T-Mobile data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/5j3AYsYDjAVMbiqUTfjuwq\/75d4855a2d6d3beca1af7a3ce9e57a56\/09_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">In September 2023, T-Mobile, one of the largest mobile carriers in the United States, experienced a significant data breach. This incident is part of a series of security lapses that have affected the company in recent years.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach in September 2023 involved two separate security incidents:<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Employee data exposure<\/b>: on September 21, 2023, 89 gigabytes of data primarily related to T-Mobile employees, including email addresses and partial Social Security Numbers, were posted on a hacker forum.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This data was tied to an earlier breach in April of Connectivity Source, a T-Mobile retailer. T-Mobile itself denied being directly hacked as part of this incident, indicating the breach occurred at a third-party service provider. The exposed employee confidential data could pose risks of identity theft or fraud.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Customer data exposure<\/b>: the second data breach occurred later in September when a system error in the T-Mobile app exposed customer payment data of fewer than 100 customers. Users of the app inadvertently accessed other customers&#8217; personal information, including phone numbers and billing addresses. T-Mobile attributed this to a glitch related to a technology update.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The glitch in the T-Mobile app exposed the personal information of several customers, including names, phone numbers, physical addresses, account balances, and partial credit card details.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Though the company initially claimed the breach affected fewer than 100 individuals, later reports suggested the personal information of millions could have been exposed. However, the company has not released the exact number of T-Mobile customers affected.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The September 2023 T-Mobile data breach underscores the ongoing cybersecurity challenges faced by large corporations, especially in sectors handling vast amounts of personal data. This incident, stemming from a system glitch rather than a direct hack, reveals the multifaceted nature of data security threats. It also emphasizes the importance of robust and continuously updated security measures to protect against both external attacks and internal vulnerabilities.<\/p><h2 id=\"october-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">October 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">23andMe data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3hWhuEGiYU7jgVCgFSSI3j\/c7550bcb42c698612fa1e3623e4fd4dd\/10_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The 23andMe is a genetics testing company that offers DNA testing services to help users learn more about their ancestry. Users can discover their ethnic backgrounds and connect with relatives through shared DNA. A <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/techcrunch.com\/2023\/10\/18\/hacker-leaks-millions-more-23andme-user-records-on-cybercrime-forum\/\" target=\"_blank\" rel=\"noopener\">data breach<\/a> in October 2023 was a significant event, revealing vulnerabilities in the protection of sensitive genetic and personal information.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach involved unauthorized access to the &#8220;DNA Relatives&#8221; feature of 23andMe, where users can share personal data, including ancestry reports and matching DNA segments, with other users globally.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The breach exposed personal information, including display names, birth years, sex, and details about genetic ancestry results. Initially, data of one million users of Ashkenazi Jewish descent and another 100,000 users of Chinese descent were claimed to be stolen. This later expanded to include records of four million more general accounts. However, genetic data itself was not included in the breach.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Bad actors likely used a technique called &#8216;credential stuffing attack,&#8217; where actors tried combinations of usernames and passwords from previous data breaches on other websites, hoping people had reused passwords.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">23andMe responded by requiring all customers to utilize email two-step verification (2SV), temporarily disabling some features within the DNA Relatives tool for added security, and advising users to change their login information and enable multi-factor authentication.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The company <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/blog.23andme.com\/articles\/addressing-data-security-concerns\" target=\"_blank\" rel=\"noopener\">launched an investigation<\/a> with third-party forensic experts. 23andMe also emphasized its commitment to security, highlighting its ISO certifications and continuous monitoring and auditing of the company\u2019s systems. They assured us they would notify customers directly if their data were accessed without authorization.<\/p><h2 id=\"november-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">November 2023<\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Idaho National Laboratory (INL) data breach<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/69h7kio60YcQ3MTehEYcA9\/0ff7593f7b992123161813e7ea899ecb\/11_Data-breach-profiles_1400x1036.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"1080\" height=\"799\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The Idaho National Laboratory (INL), a key component of the U.S. Department of Energy, suffered one of the most recent data breaches in November 2023. As part of the U.S. Department of Energy, INL is one of the country&#8217;s premier advanced nuclear energy testing labs. Its work includes research and development in nuclear and non-nuclear energy sources, national security, and related fields\u200b.<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/www.cshub.com\/attacks\/news\/data-breach-at-us-nuclear-energy-firm-exposes-sensitive-employee-information\" target=\"_blank\" rel=\"noopener\">breach<\/a> involved the compromise of INL&#8217;s Oracle Human Capital Management servers, which are used for human resources applications. It was executed by the SiegedSec hacking group. The attackers managed to access &#8220;hundreds of thousands of user, employee, and citizen data.&#8221;<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The leaked data included sensitive personal information like Social Security numbers, bank account and routing numbers, health care details, marital status, and account types. This data related to current, former, and retired employees of the laboratory.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The attackers targeted a federally approved third-party vendor system outside INL that supports the lab&#8217;s cloud-based human resources services.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">INL took swift action to bolster employee data protection following the breach. They also communicated with federal law enforcement agencies, including the FBI and the Department of Homeland Security\u2019s Cybersecurity and Infrastructure Security Agency, to investigate the breach&#8217;s impact\u200b.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"https:\/\/cyberscoop.com\/idaho-national-laboratory-siegedsec\/\" target=\"_blank\" rel=\"noopener\">investigation<\/a> into the breach is ongoing. INL is working with federal law enforcement to fully grasp the extent of the impacted data and implement measures to prevent similar security incidents.<\/p><h2 id=\"december-2023\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">December 2023<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Soon to be updated.<\/p><h2 id=\"what-to-expect-in-2024\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">What to expect in 2024?<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The latest data breaches served as stark reminders of cyber threats&#8217; dynamic and relentless nature for gaining access to sensitive data. They reinforced the necessity for businesses and organizations across all sectors to prioritize and continuously update their cybersecurity measures, ensuring their data protection and stakeholders&#8217; trust.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">To prevent a potential data leak or breach, think two steps ahead and implement a robust cybersecurity strategy to protect sensitive data and avoid reputational and financial consequences that follow the breach.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Comprehensive network access security solutions like NordLayer provide organizations with the best in the industry-based security frameworks and models known as <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"\/en\/learn\/sase\/what-is-sse\/\">Security Service Edge (SSE)<\/a> and <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"\/en\/learn\/zero-trust\/what-is-ztna\/\">Zero Trust Network Access (ZTNA)<\/a>. Choose simple and effective security by design and protect your network and teams in all ways of working.<\/p><\/article>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cf03edf elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cf03edf\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b576c6d\" data-id=\"b576c6d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bfd91ca elementor-widget elementor-widget-shortcode\" data-id=\"bfd91ca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63561\" class=\"elementor elementor-63561\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1b6aa2c4 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"1b6aa2c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1b283ee5\" data-id=\"1b283ee5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4e466f1a elementor-widget elementor-widget-text-editor\" data-id=\"4e466f1a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordLayer<br \/><\/strong>NordLayer is an adaptive network access security solution for modern businesses \u2013 from the world\u2019s most trusted cybersecurity brand, Nord Security.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>2023 witnessed a series of impactful data breaches, eac [&hellip;]<\/p>","protected":false},"author":149011790,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[973,1075,1130,61],"tags":[974,1076,1132],"class_list":["post-73929","post","type-post","status-publish","format-standard","hentry","category-nord-security","category-year2023","category-nordlayer","category-press-release","tag-nord-security","tag-1076","tag-nordlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Breakdown of the 11 most significant 2023 data breaches - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Breakdown of the 11 most significant 2023 data breaches - Version 2\" \/>\n<meta property=\"og:description\" content=\"2023 witnessed a series of impactful data breaches, eac [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-21T04:06:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"20 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/12\\\/breakdown-of-the-11-most-significant-2023-data-breaches\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Breakdown of the 11 most significant 2023 data breaches\",\"datePublished\":\"2023-12-21T04:06:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/12\\\/breakdown-of-the-11-most-significant-2023-data-breaches\\\/\"},\"wordCount\":3469,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6QmGnFwlBZgHxri2Eg30Iv\\\/1aa76e231b26fa2aa5c55d0051f27582\\\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\",\"keywords\":[\"Nord Security\",\"2023\",\"NordLayer\"],\"articleSection\":[\"Nord Security\",\"2023\",\"NordLayer\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/12\\\/breakdown-of-the-11-most-significant-2023-data-breaches\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/\",\"name\":\"Breakdown of the 11 most significant 2023 data breaches - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6QmGnFwlBZgHxri2Eg30Iv\\\/1aa76e231b26fa2aa5c55d0051f27582\\\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\",\"datePublished\":\"2023-12-21T04:06:01+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#primaryimage\",\"url\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6QmGnFwlBZgHxri2Eg30Iv\\\/1aa76e231b26fa2aa5c55d0051f27582\\\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\",\"contentUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6QmGnFwlBZgHxri2Eg30Iv\\\/1aa76e231b26fa2aa5c55d0051f27582\\\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/data-breaches-in-2023\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Breakdown of the 11 most significant 2023 data breaches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Breakdown of the 11 most significant 2023 data breaches - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/","og_locale":"en_US","og_type":"article","og_title":"Breakdown of the 11 most significant 2023 data breaches - Version 2","og_description":"2023 witnessed a series of impactful data breaches, eac [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/","og_site_name":"Version 2","article_published_time":"2023-12-21T04:06:01+00:00","og_image":[{"url":"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"Written by":"tracylamv2","Est. reading time":"20 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/12\/breakdown-of-the-11-most-significant-2023-data-breaches\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Breakdown of the 11 most significant 2023 data breaches","datePublished":"2023-12-21T04:06:01+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/12\/breakdown-of-the-11-most-significant-2023-data-breaches\/"},"wordCount":3469,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp","keywords":["Nord Security","2023","NordLayer"],"articleSection":["Nord Security","2023","NordLayer","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/12\/breakdown-of-the-11-most-significant-2023-data-breaches\/","url":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/","name":"Breakdown of the 11 most significant 2023 data breaches - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp","datePublished":"2023-12-21T04:06:01+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#primaryimage","url":"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp","contentUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/6QmGnFwlBZgHxri2Eg30Iv\/1aa76e231b26fa2aa5c55d0051f27582\/Biggest-data-breaches-of-2023_web_cover_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/data-breaches-in-2023\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Breakdown of the 11 most significant 2023 data breaches"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/en\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-jep","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/73929","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=73929"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/73929\/revisions"}],"predecessor-version":[{"id":74239,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/73929\/revisions\/74239"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=73929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=73929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=73929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}