Welcome to our March 2023 list of data breaches and cyber attacks. Our research identified exactly 100 publicly disclosed incidents during the month, accounting for 41,970,182 breached records.
You can find the full list of data breaches and cyber attacks below, including our new feature in which we delve into the month’s biggest incidents in a little more detail.
Meanwhile, if you enjoy this sort of cyber security news, be sure to subscribe to our Weekly Round-up to receive the latest stories straight to your inbox.
Biggest data breaches in March 2023
- Latitude Financial
The largest confirmed data breach of March 2023 occurred at Latitude Financial, with more than 14 million records being compromised.
The Melbourne-based company, which provides personal loans and credit cards to people in Australia and New Zealand, reported that cyber criminals had captured several different types of data.
Almost 8 million drivers licences were stolen, along with 53,000 of passport numbers and dozens of monthly financial statements.
An additional 6 million records dating back to “at least 2005” were also compromised in the attack, the source of which is not yet known.
The most concerning aspect of this breach is that Latitude Financial originally reported that only 300,000 people had been affected. This suggests that it had a poor understanding of the attack and rushed to disclose the breach.
Having to then update its estimate invites further public scrutiny of the attack and could see customers lose faith in the company.
Most of us are aware by now that data breaches can occur anywhere, so falling victim to an attack isn’t necessarily a sign of ineffective security measures. However, a mismanaged response suggests that an organisation isn’t prepared for an attack, and it bodes poorly for ongoing remediation efforts.
- GoAnywhere
A vulnerability in the file transfer service GoAnywhere has enabled cyber criminals to exploit dozens of organisations that use the tech. Details of the sprawling attack continue to emerge, with some reports estimating that as many as 130 organisations have been targeted.
Until recently, these details were coming from GoAnywhere or its parent company, Fortra, but individual victims.
Organisations that are confirmed to have been targeted include Hatch Bank, the City of Toronto, the cyber security company Rubrik and Hitachi Energy. In each case, the victim has reported that it was breached through the GoAnywhere MFT remote code execution vulnerability.
The attacks have been attributed to the Clop ransomware gang, but coverage of their activity is not consistent with traditional ransomware attacks. Reports suggest that the group is stealing the data rather than encrypting the organisations’ systems and holding them to ransom.
Regardless of the specific techniques being used, it’s likely that millions of sensitive data records have been compromised – although few victims have listed specific figures.
- AT&T
AT&T has notified approximately 9 million customers that their personal data has been exposed in a data breach.
The telecoms giant said that the breached records include people’s names, wireless account numbers, phone numbers and email addresses. It’s confident that more sensitive data, such as payment card numbers, Social Security numbers and passwords, have not been affected.
However, AT&T conceded that, in a “a small percentage” of cases, customers’ rate plan name, past due amounts, monthly payment amounts and other account data was affected, although it said that the information was “several years old”.
AT&T was eager to note that the breach related to a vendor and that it’s own systems had not been compromised. It didn’t name the vendor.
Cyber attacks
- WHSmith targeted by hackers in cyber attack as company data at risk (unknown)
- College of the Desert alerting those affected by malware attack last summer (800)
- Gun Auction website compromised as hackers’ steal customer data (550,000)
- Denver Public Schools employees’ data stolen in a cyber security incident (15,000)
- HDFC Bank data breach exposed on Internet? Hacker leaks sensitive information (unknown)
- Acer confirms breach after 160GB of data for sale on hacking forum (unknown)
- AT&T notifying some wireless customers of vendor incident (9 million)
- Bone & Joint Clinic reports “network disruption” that breached employee and patient information (unknown)
- ZOLL Medical notifying patients of security breach (1,004,443)
- Wilkes-Barre Career and Technical Center averts catastrophe from cyber attack (unknown)
- Data from Vietnam’s state-owned oil and gas group and affiliated firms leaked (unknown)
- NorthStar Emergency Medical Services notifies patients of September hacking incident (82,450)
- Beaver Medical Group notifying patients whose information was accessed in phishing incident (unknown)
- AllCare Plus Pharmacy notifies patients of phishing incident last year (5,971)
- Threat actors exploit Progress Telerik vulnerability in US government IIS server (unknown)
- Latitude Financial hacked as customer identification documents stolen (14 million)
- HLA Grupo Hospitalario data listed for sale after web server misconfiguration (46,600)
- NBA alerts fans of a data breach exposing personal information (unknown)
- Argentina’s CEOSP suffers cyber attack (unknown)
- India’s Department of Health seeks help after website compromised (unknown)
- Lansing Community College dealing with “cybersecurity incident” (unknown)
- Largest Crypto ATM manufacturer, General Bytes, hacked over security hitch (unknown)
- Australian skin cancer survey hacked with participants’ data potentially compromised (1,128)
- Ferrari hits a roadblock as cyber criminals hold it to ransom (unknown)
- DC Health Link confirms breach, but questions remain (56,415)
- Top of the World Ranch Treatment Center notifies patients after email account compromise (unknown)
- Czech and Slovak operator Skylink has fallen victim to cyber attack (unknown)
- Cyber attack disrupts Spanish medicine distributor Alliance Healthcare (unknown)
- Our Lady of the Lake hit by cyber attack (unknown)
- Costa Rica’s El Consejo Nacional de Supervisión del Sistema Financiero hit by cyber attack (unknown)
- Hackers Steal $500,000 worth of tokens from Arbitrum airdrop (unknown)
- Cyber breach affects eastern North Carolina postal service (unknown)
- Hackers shut down Wisconsin court system computer network in DDoS attack (unknown)
- Brest CHRU returns to business after suffering a cyber attack (unknown)
- Cyberattack on debt-buying giant NCB Management exposes sensitive info (494,969)
- Newton school district, Kansas, cancelled all classes today after a computer network breach (unknown)
- Dutch railway NS warns customers about security breach (780,000)
- Students’ bank accounts compromised because of vendor ticketing software breach (13,045)
- The Yucatan government announces that its central server was targeted in a cyber attack (unknown)
- Consumer lender TMX discloses security breach affecting customer data (4,822,580)
- Chick-fil-A says website and app hacked (unknown)
- Merced College provides notice of security breach to students following malware attack (unknown)
- 1st Franklin Financial Corporation notifies customers of recent security breach (unknown)
- Oklahoma City University notifies students and employees of security breach (unknown)
- American Pain and Wellness files notice following cyber attack (unknown)
- Happy State Bank notifies customers after falling victim to phishing scam (10,069)
- Convergent Outsourcing files notice of security breach (unknown)
- SundaySky notifies consumers of recent security breach (37,095)
- Blue Shield of California tells customers about third-party cyber attack (63,341)
- Bright Horizons notifies current and former employees of recent security breach (unknown)
- Texas Medical Liability Trust files notice of cyber attack (unknown)
- Trinity Health Corporation reports security breach following compromised employee email account (unknown)
- US Wellness announces security breach affecting patients’ protected health information (11,459)
- Central National Bank notifies Texas AG of security incident (unknown)
- Lawrence General Hospital reports “cyber security event” affecting patient data (76,371)
- Voya Financial Advisors reports security breach leaking Social Security numbers (unknown)
If you’re facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.
They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.
Ransomware
- City of Waynesboro, Virginia, targeted in ransomware attack (unknown)
- Florida Medical Clinic hit by ransomware (unknown)
- Northeast Surgical Group notifies patients of a HIPAA breach (15,298)
- Independent Living Systems updates its breach disclosure, notifying patients of data leak (4,226,508)
- Autoridad de Acueductos y Alcantarillados confirms ransomware attack (unknown)
- Seattle’s Shoreline College website hacked (unknown)
- Tennessee-based Oak Ridge held to ransom in cyber attack (unknown)
- Personal data of Medicare beneficiaries at risk ransomware attack on Healthcare Management Solutions (254,000)
- Rio Tinto data vendor GoAnywhere’s possible breach spotted in Jan-end (unknown)
- Paraguay’s Fabrega Molino targeted in ransomware attack (unknown)
- Hitachi Energy latest victim of Clop GoAnywhere attacks (unknown)
- Pension Protection Fund confirms employee data exposed in GoAnywhere breach (300,000)
- Hatch Bank discloses data breach after GoAnywhere MFT hack (unknown)
- Rubrik says it has been compromised by GoAnywhere vulnerability (unknown)
- Crown Resorts joins growing list of GoAnywhere cyber attack victims (unknown)
- Saks Fifth Avenue says mock data stolen in GoAnywhere attack (unknown)
- Procter & Gamble is the latest big GoAnywhere zero-day victim (unknown)
- Data stolen from Florida sheriff’s office leaked by ransomware group (unknown)
- Lewis & Clark College cyber attack claimed by notorious ransomware gang (unknown)
- Alabama’s Jefferson County School system victim of ransomware attack during Spring Break (unknown)
- Institute for Liver Health evasive after ransomware attack (1,277)
- Employee and patient files from Montgomery General Hospital leaked by ransomware group (unknown)
- Florida Medical Clinic Notifies patients of ransomware attack (94,132)
- Associates in Dermatology announces disruption caused by ransomware attack against VPN Solutions (unknown)
Data breaches
- Sentara Health notifying patients after data accidentally exposed online (741)
- UNC data leak exposes Social Security numbers (1,025)
- Break-in poses security threat to Multnomah County Health Department patients (2,000)
- NYC special needs students’ records found exposed on web (47,200)
- Kroger notifies Postal Prescription Service patients of mistaken information sharing (82,466)
- Texas doctor learns that medical records are leaking online (682,000)
- Braintree GP surgery warns of data breach after ‘confidential’ information blows across road (unknown)
- ChatGPT suffers first data breach, exposes personal information (unknown)
- Dutch software provider Nebu suffers data breach (2 million)
Malicious insiders and miscellaneous incidents
- Hong Kong doctor suspended over medical records breach (unknown)
- Boonton police captain allegedly steals computer towers, internal affairs records (unknown)
- Asante notifies patients whose records were inappropriately accessed by a physician (8,834)
- Cerebral Inc. notifying patients of tracking technologies breach (3,179,835)
- Beacon Health System employee accessed patient data (3,117)
- OU Health notifying patients after theft of employee’s laptop (unknown)
- Private records of some Canberra Health Services patients ‘deliberately’ sent to industrial partner (13)
- South African government condemns break-in at Ravensmead CDC (unknown)
- Video captures thief stealing hundreds of medical records from Sherman Oaks dental office (unknown)
The post List of Data Breaches and Cyber Attacks in March 2023 – 41.9 Million Records Breached appeared first on IT Governance UK Blog.