News gets old and lessons are usually forgotten. Below are some incidents from the cyber battlefield, to give a feel for 2023, a dramatic year.

| Company | Domain | Breached Data | Money | Attack vector |
|---|---|---|---|---|
| iRent | car rental | – millions of partial credit card numbers – at least 100,000 customer identification documents | N/A | the database has no password |
| Yes Madam | Salon platform | – customers’ location data – user device details, – IMEI numbers of ~900,000 users | N/A | the database has no password |
| PeopleGrove | social platform for higher education institutions and alumni networks | – gigabytes of personal information: email addresses, phone numbers, addresses, details of university achievements and scores, and resumes containing detailed work histories and employment details | N/A | the database has no password |
| Proskauer Rose | international law | – private and privileged financial and legal documents, contracts, non-disclosure agreements, financial deals and files relating to high-profile acquisitions. | N/A | misconfiguration |
| AvidXchange | automate invoice processing and payment management processes | – employee payroll information – corporate bank account numbers. | N/A | easily guessable passwords |
| Toyota | Manufacture | – data of 2 million customers | N/A | misconfiguration |
| Ferrari | Supercar Manufacturer | – 7GB of documents, data sheets and repair manuals. | N/A | Ransomware |
| LogicMonitor | network security | – data of a small number of customers | N/A | use of default password |
| Microsoft | AI | – accidentally exposed tens of terabytes of sensitive data, including private keys and passwords | N/A | publishing a storage bucket of open source training data on GitHub. |
| Tesla | | – 75,000 company employees' personal information | N/A | two former employees leaked |
| Microsoft | | – a key that allowed attackers to stealthily break into dozens of email inboxes, including those belonging to several federal government agencies. | N/A | Unknown |
| Crema Finance | Crypto | | $9 million in cryptocurrency | ethical hacker turning rogue |
| Taiwan Semiconductor Manufacturing | ChipMaker | | $70 million ransom demand | Leaked setup information |
| | Social Network | – 80+ gigabytes of compressed data | N/A | “highly-targeted” phishing attack |
| T-Mobile | Telecom | – personal data belonging to 37+ million customers. | N/A | social engineering + SIM swap |
| | Social Network | – 400+ million email addresses and phone numbers | N/A | a security bug |
| MailChimp | | – 400+ accounts, mostly cryptocurrency and finance-related accounts | N/A | social engineering |
| Okta | Identity | – 134 organizations data | N/A | stolen credentials |
| Truepill | Pharmacy Fulfillment | – 2.3+ million patients personal data | N/A | poor security design |
| Perry Johnson & Associates | Healthcare | ~9 million patients data | N/A | Unknown |
| Intellihartx | Patient payment | half a million people’s personal and health information | N/A | MOVEit (1) |
| PharMerica | Pharmacy | – 5.8 million personal information | N/A | MOVEit (1) |
| HCA Healthcare | healthcare | – 11 million patients’ data | N/A | Unknown |
| Enzo Biochem | biotechnology | – 2.5 million patients’ clinical test information | N/A | Ransomware (2) |
| Managed Care of North America | Dental | – 8.9 million clients data | N/A | Unknown |
| NextGen Healthcare | electronic health record software | – 1.05 million patients personal data | N/A | Ransomware (2) |
| Illumina | DNA sequencing devices | – Can alter test result in devices | N/A | CVE-2023-1968 |
| Maternal & Family Health Services | Healthcare | – 461,070 personal data of patients, employees and vendors | N/A | Unknown |
| 23AndMe | Genetic testing | – 6.9 million user data records | N/A | Unknown |
| Welltok | Patient Engagement | – 8 million personal data | N/A | MOVEit (1) |
| McLaren Health Care | Healthcare | – 2.2 million patients sensitive personal and health information | N/A | Ransomware (2) |
| Performance Health Technology | Data Management Services | – 1.7 million Oregon citizens health information | N/A | MOVEit (1) |
| Colorado Department of Health Care Policy and Financing | Healthcare | – 4 million patients data | N/A | MOVEit (1) |
| Sabre | Travel booking | – 1.3 terabytes of data on ticket sales, passenger turnover, employees’ personal data, corporate financial information. | N/A | Ransomware (2) |
| See Tickets | Global Ticketing | – customers’ credit card information | N/A | Credit Card Skimming Malware |
| MGM Resorts | Hotel & Casino | – unspecified amount of customers’ personal information – ATM shut down – Website offline | ~ $100 million | Ransomware |
| Caesars Entertainment | Hotel & Casino | N/A | $30 million demanded | Ransomware |
| Motel One | Hotel | – 50 credit cards data | N/A | Ransomware |
| Radisson | Hotel | N/A | N/A | Ransomware |
| Fidelity National Financial | real estate services | virtually froze all the company and its subsidiaries’ activities | N/A | Unknown |
| Mr. Cooper | mortgage and loan | – unknown amount of ~4 million users | N/A | Unknown |
| 1st Source Bank | Bank | N/A | N/A | MOVEit |
| Hatch Bank | fintech infrastructure | – 140,000 customers SSN | N/A | CVE-2023-0669 |
| Flutterwave | Startup | N/A | lost ~$4.2 million in the accounts | Unknown |
| Euler Finance | Finance | N/A | ~ $197 million in crypto theft – 1.3M USD gone | “in a flurry of transactions” (3) |
| AT&T email addresses. | | – customers account compromised | $15 – $20 million crypto stolen. | Unknown |
| Mixin | Crypto | N/A | ~ $200 million stolen | Unknown |
| Mom’s Meals | Food | – 1.2+ million individuals data | N/A | Ransomware |
| NationBenefits | supplementary benefits | – 7,100+ residents personal data | N/A | Ransomware |
| Yum Brands | fast-food chains | ~ 300 UK restaurants data | N/A | Unknown |
| Forever 21 | Clothing | 500,000+ individuals data | N/A | Ransomware |
| Byju | edtech | N/A | N/A | misconfiguration |
| Electoral Commission | overseeing elections | ~ 40 million U.K. voters data | N/A | “complex cyberattack.” |
| Ofcom | | 412 employees data | N/A | MOVEit |
| JumpCloud | Access management | a “small and specific” set of customers. | N/A | Unknown |
| Shell | Oil | terabyte of logging data | N/A | MOVEit |
| Dish | satellite television | – 300,000 personal information | N/A | Unknown |
| SchoolDude | order management system | – 3M SchoolDude user accounts | N/A | Unknown |
| Atlassian | SaaS | N/A | N/A | CVE-2023-22515 |
| Shadow | Game | – 530,000 customers data | N/A | advanced social engineering |
| CCleaner | Tools | – 2% users | N/A | MOVEit |
| Boeing | Aerospace | N/A | N/A | Ransomware |
| National Aerospace Laboratories | Aerospace | – eight purportedly stolen documents (confidential letters, an employee’s passport, internal documents) | N/A | Ransomware |
| Zhefengle | e-commerce | – millions of Chinese citizen identity numbers from 3.3 million orders | N/A | Unknown |
| A network of knockoff apparel stores | Store | – 330,000 credit card numbers, cardholder names, and full billing addresses | N/A | Unknown |
| ODIN Intelligence | Applications for police | Leaked files reveal tactical plans for police raids, surveillance and facial recognition | N/A | Unknown |
| LastPass | Password manager | customers’ encrypted password vaults | N/A | Unknown |
| British Library | Library | – website offline – ~490,000 user data | N/A | Ransomware |

- MOVEit (1): https://en.wikipedia.org/wiki/2023_MOVEit_data_breach
- Ransomware (2): https://en.wikipedia.org/wiki/Ransomware. Most of the attacks using ransomware were credited to Russian-backed cyber teams.
- Unknown (3): the author of this post could not find information yet (at the time of publication).
