Welcome to our April 2023 list of data breaches and cyber attacks. Our research identified 120 publicly disclosed incidents during the month, accounting for 4,353,257 breached records.
You can find the full list of data breaches and cyber attacks below, along with our rundown of the biggest incidents of the month.
Biggest data breaches of April 2023
1. Shields Health Care Group
The largest data breach of April 2023 was at the Shields Health Care Group, a Massachusetts-based medical services provider. Reports emerged near the end of the month that a cyber criminal had gained unauthorised access to the organisation’s systems and had stolen the personal data of 2.3 million people.
In a letter sent to affected individuals, Shields said that the incident dates back to March 2022, when it first identified suspicious activity on its internal network.
The breach had been speculated about at the time, but the firm’s investigation concluded last month and revealed the scale of the damage.
The crooks reportedly had access to sensitive data for two weeks. That information included patients’ Social Security numbers, dates of birth, home addresses, healthcare provider information and healthcare history.
Additionally, billing information, insurance numbers and other financial details were stolen in the attack.
In a statement, Shields said that it “takes the confidentiality, privacy, and security of information in our care seriously. Upon discovery, we took steps to secure our systems, including rebuilding certain systems, and conducted a thorough investigation to confirm the nature and scope of the activity and to determine who may be affected.
“Additionally, while we have safeguards in place to protect data in our care, we continue to review and further enhance these protections as part of our ongoing commitment to data security.”
2. NCB Management
NCB Management learned last month that a cyber criminal infiltrated its systems and stole almost one million financial records.
An internal investigation from the debt collection services provider found that a criminal hacker first accessed NCB Management’s systems on 1 February 2023, but it’s unclear how long they remained in its systems.
What is apparent is that the crook accessed credit card data for consumers’ Bank of America past-due accounts.
The accounts were already closed, but the attacker would have had access to a gamut of information, including people’s first and last names, address, phone number, email address, date of birth, employment position, pay amount, driver’s licence number, Social Security number, account number, credit card number, routing number, account balance and/or account status.
When combined with the knowledge that these people had been pursued by a debt collection agency, it creates the possibility for a variety of scams.
The incident was reported to the relevant authorities by Bank of America, but it’s unclear what part the bank had to play in the breach beyond the fact that its customers were affected.
3. Kodi
The open source media player Kodi reported last month that an unauthorised actor compromised its MyBB forum database and stole personal data belonging to 400,635 users.
“MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February,” Kodi said in a statement.
The crooks were able to download nightly backups of the complete database, which contained all public forum posts, team forum posts and direct messages. More worryingly, the same database contained usernames, email addresses and encrypted passwords.
Fortunately for Kodi, its team said that there was no evidence that the criminal hackers gained access to the underlying server hosting the MyBB software.
Cyber attacks
- Shields Health Care Group announces security breach amid cyber attack (2,380,483)
- NCB Management breach affected former Bank of America credit card holders (494,969)
- Kodi confirms security breach as user records and private messages are stolen (400,635)
- Santa Clara Family Health Plan notifies individuals affected by data breach (276,993)
- 90 Degree Benefits announces security breach (181,543)
- Queensway Carleton Hospital suffers third-party software breach (100,000)
- Florida Medical Clinic notifies patients of recent security breach (94,132)
- Huntington Ingalls Industries files official notice of security breach (43,643)
- United Steelworkers Local 286 notifies members of recent security breach (37,000)
- Unlimited Care files notice of security breach affecting employees (29,000)
- Brightline, Inc. announces third-party breach (27,742)
- HawaiiUSA Federal Credit Union confirms recent security breach (20,000)
- Tasmanian education department documents leaked online (16,000)
- La Clinica de La Raza says email accounts were breached in cyber attack (15,316)
- Robeson Health Care Corporation reports security breach (15,000)
- Woodward Communications files notice of security breach (12,467)
- Harrington Raceway announces security breach leaking personal information (12,000)
- Investigation underway into cyber attack affecting four charities for sexual assault survivors (1,000)
- TIC Hosting Solutions customer data leaked (300)
- Western Digital says hackers stole data in ‘network security’ breach (unknown)
- Cyber attack downs major Israeli university websites (unknown)
- Crossbow firm Killer Instinct discloses credit card breach (unknown)
- UK’s Criminal Records Office confirms that ongoing delays were caused by criminal hackers (unknown)
- Winnipeg’s Thermea spa discloses security breach (unknown)
- Lending protocol Sentiment recovers funds after cyber attack (unknown)
- Aspire Public Schools reveals 2022 security breach (unknown)
- Rochester Public Schools in Minnesota says classes cancelled amid cyber attack (unknown)
- Proskauer Rose cyber attack left sensitive client data unguarded (unknown)
- Sarah D. Culbertson Memorial Hospital working to recover from cyber security incident (unknown)
- Rogers Communications data allegedly sold on a hacker forum (unknown)
- NZZ has to shut down the newspaper production system after a cyber attack (unknown)
- Southern California’s San Bernardino County Sheriff’s Department said it experienced a “network disruption” (unknown)
- Elmbrook School District breach exposed personal information about former and current employees (unknown)
- Big Pharma-partnered Evotec on high alert after cyber attack takes systems offline (unknown)
- The Palmeiras Club of Brazil was the target of a cyber attack (unknown)
- Stroud Area Regional Police Department notification of data security incident (unknown)
- SD Worx forced to pause operations following cyber attack (unknown)
- The law firm Uber gave sensitive driver data to for legal representation got hacked (unknown)
- Ongoing issues at Cornwall Community Hospital from “cyber incident” (unknown)
- Webster Bank reports third-party security breach at Guardian Analytics (unknown)
- University of Hawaii Maui College announces recent security breach (unknown)
- Accounting firm Rubino & Company files official notice of security breach (unknown)
- University of the People notifies students of security breach following unauthorised SharePoint access (unknown)
- Oklahoma City University notifies students and employees of cyber attack (unknown)
- Kimco Realty Corporation notifies current and former employees of recent cyber attack (unknown)
- Prescott College files notice of recent security breach leaking student information (unknown)
- Bryant Bank files notice of security breach that leaked an unknown number of SSNs (unknown)
- NationsBenefits Holding announces third-party security breach following Fortra cyber attack (unknown)
- Cornerstone Home Lending files notice of security breach after cyber security incident at third-party vendor (unknown)
- Accounting firm Harding, Shymanski & Company announces security breach following wave of fraudulent tax returns (unknown)
- Elk Grove Unified School District investigating after employees report issues filing taxes in suspected phishing scam (unknown)
- SD Worx halts UK payroll, HR services after cyber attack (unknown)
- Cyber attack at Plymouth school tells students they are expelled (unknown)
- Albertsons Companies says data was stolen in malware attack (unknown)
- IMA Financial Group notifies those affected by 2022 security incident (unknown)
- Sun Pharmaceutical Industries suffers a “data security incident” (unknown)
- One Brooklyn Health reports leaked patient and employee information following security breach (unknown)
- Amnesty International Australia suffered a security breach last year, but says everything is now fine (unknown)
- United HealthCare reports a data breach that may have revealed the customer’s personal information (unknown)
- Nashua School District dealing with ‘sophisticated’ cyber attack (unknown)
Ransomware
- 7×7 Dental Implant & Oral Surgery alleged victim of Abyss ransomware group (63,557)
- Retina & Vitreous of Texas notifies patients of ransomware attack but doesn’t call it one (35,766)
- Ransomware gang pledges to undo damage after attacking Cameron Memorial Community Hospital in Indiana (unknown)
- Alabama’s Jefferson County School system victim of ransomware (unknown)
- Employee and patient files from Montgomery General Hospital leaked by ransomware group (unknown)
- UnitedLex hit by d0nut ransomware team, 200 GB of corporate files leaked (unknown)
- Illinois’s Olympia CUSD 16 hit by ransomware gang (unknown)
- Taiwanese PC parts maker MSI falls victim to ransomware (unknown)
- Ransomware attack at NJ County Police Department locks up criminal investigative files (unknown)
- PharMerica and BrightSpring Health Services hit by ransomware (unknown)
- Chilean IT multinational SONDA reportedly struck with ransomware (unknown)
- Capita admits that its ‘cyber incident’ was ransomware and that customer data was breached (unknown)
- Point32Health suffers ransomware attack (unknown)
- Rochester Public Schools reintroduce technology following cyber attack (unknown)
- Cementos Bío-Bío attacked by ransomware gang (unknown)
- Mexico’s National Water Commission hit by ransomware (unknown)
- Yum! Brands notifies consumers of data breach following ransomware attack (unknown)
- CommScope Holding Company experiences ransomware attack (unknown)
- Associates in Dermatology announces data breach stemming from ransomware attack at VPN Solutions (unknown)
- Nine US healthcare firms embroiled in GoAnywhere breach (unknown)
- Kenya’s Naivas supermarket’s system hacked, data stolen (unknown)
- Yellow Pages Canada confirms cyber attack as Black Basta leaks data (unknown)
- Cyber attack disrupts Lowell city government in suspected ransomware attack (unknown)
- Ransomware attack reported in Spartanburg County, South Carolina (unknown)
- Hardenhuish School in Chippenham hit by ransomware attack (unknown)
- Data from charities stolen in ransomware attack (unknown)
- Albany ENT & Allergy Services hit by ransomware (unknown)
- Emmanuel College, Boston, working to recover from ransomware attack (unknown)
- Banco de Venezuela hit by ransomware (unknown)
- Ransomware gang targets Valid Certificadora Digital (unknown)
Data breaches
- Alcohol recovery startups Monument and Tempest shared patients’ private data with advertisers (unknown)
- Service NSW breach exposes personal data affecting thousands of customers (3,700)
- TAFE South Australia has revealed a data breach (2,224)
- Tesla workers shared sensitive images recorded by customer cars (unknown)
- Mastodon vulnerability exposes sensitive information (unknown)
- Throne fixes security bug that exposed creators’ private home addresses (unknown)
- John Muir Health – Walnut Creek Medical Center experiences data breach following unauthorised disclosure of patient information (unknown)
- Sensitive medical notes found dumped in Telford by jogger (unknown)
- McLaren Greater Lansing Hospital accused of leaving patient medical records in decommissioned hospital (unknown)
- Vulnerability in Salesforce Community causing widespread data leaks (unknown)
- Diocese of Las Vegas reports cyber security breach (unknown)
- Missouri government learns that website is leaking residents’ personal data (unknown)
Malicious insiders and miscellaneous incidents
- Campbellford Memorial Hospital employee makes ‘unauthorized’ access to patient records (3,500)
- School principal resigns after writing $100,000 check to Elon Musk impersonator (unknown)
The post List of Data Breaches and Cyber Attacks in April 2023 – 4.3 Million Records Breached appeared first on IT Governance UK Blog.