Directive Blogs
Six of the Worst Data Breaches of 2023
In this blog, we do our best to give people the knowledge they need to protect themselves and their organizations while operating online. With all the digital tools that we all have come to rely on, it’s important to understand the result of a data breach on organizations and their customers. In today’s blog, we go through six of the most devastating data breaches that happened in 2023.
T-Mobile
At the very beginning of 2023, telecommunications giant T-Mobile announced that it had suffered what ended up being the most noteworthy data breaches of the entire year. Cybercriminals were able to use the T-Mobile API to steal data…for months. When T-Mobile found out about the attack, more than 37 million customers had their personal data exposed. Unfortunately for the company, they were the victims of a second breach only months later that cost the business more than $100 million to remediate. Overall customer names, billing addresses, phone numbers, and emails were leaked online.
Mailchimp
Also early in 2023, digital marketing company Mailchimp discovered a data breach that affected user accounts and employee information and credentials. They were the victim of a social engineering attack that was unfortunately successful. Victims had their names, store web addresses and email addresses stolen.
ChatGPT
One of the major innovators of AI was the victim of a serious cyberattack in March of 2023. The attack exposed the first and last names of users and their email addresses along with access to payment addresses and the last four digits of their credit cards. Open AI, ChatGPT’s parent company, was forced to take the service down briefly to address the breach.
Yum! Brands
The parent company of major fast food chains KFC, Taco Bell, and Pizza Hut was attacked in April of 2023. When it was discovered, the breach was thought to have only affected corporate data, but after careful consideration, it was found that some employee personal data was exposed in the breach. The result was stark as the company was forced to close down hundreds of locations outside of the United States and continues to pay handsomely for the breach.
Activision
One of the largest and most successful video game publishers: Activision found they were hacked in February 2023, a breach that occurred in December of 2022. The company's release schedule was unearthed and so was some employee data. A third-party security contractor found that the breach was the result of an SMS phishing attack. Employee emails, phone numbers, salary details, and work locations were exposed in the breach.
PharMerica
In the largest data breach of a HIPAA-covered entity in 2023, the pharmacy provider PharMerica reported that 5.8 million individuals’ personal information was exposed in March of 2023. The breach was the result of a sophisticated attack carried out by the ransomware group “Money Message.” Some of the information exposed in the breach includes names, addresses, dates of birth, Social Security numbers, individual prescription information, and health insurance data.
These are the extreme examples, but your business is just as (or more) susceptible to a data breach than any of them. That’s why you need to take your cybersecurity strategies seriously. If you would like to learn more about what you can do to keep your business as secure as it can be, including strategies for employee training, data, network security, and much more, give us a call today at 607.433.2200.