A Recap of Significant Data Breaches in 2023

Discover the recap of 2023 data breaches, impacting global businesses and emphasizing the critical need for enhanced cybersecurity measures

11/24/20233 min read

Data breaches continue to surge in 2023, impacting companies and organizations across the globe and costing millions in damages. The alarming trend persists, emphasizing the critical need for businesses to fortify their networks, enforce robust password policies, and educate employees to recognize phishing attempts.

Reported Incidents (Major) in 2023 so far:

November 2023:

  • Infosys Data Breach: Indian IT giant Infosys experiences a security event affecting its US unit, investigating the impact on its systems.

  • Boeing Data Breach: Aircraft manufacturer Boeing faces a cyber incident, collaborating with law enforcement to probe the attack. Flight safety remains unaffected.

October 2023:

  • Indian Council of Medical Research Data Breach: A massive breach exposes Covid test and health data of 815 million Indians, prompting calls for a government investigation.

  • Okta Data Breach: Identity services provider Okta discloses unauthorized access to its support case management system, urging users to reset passwords.

  • Air Europa Data Breach: Spanish airline Air Europa advises customers to cancel credit cards following a breach that leaked financial information.

September 2023:

  • Hunter Biden Data Breach Lawsuit: Hunter Biden sues Rudy Giuliani and Robert Costello for privacy invasion after accessing his personal information.

  • SONY Data Breach: Ransomware group Ransomware.vc targets SONY, extracting over 6,000 files due to alleged non-payment.

  • Ontario Birth Registry Data Breach: A data breach exposes healthcare information of 3.4 million people, exploiting vulnerabilities in the MOVEit file transfer tool.

August 2023:

  • Forever 21 Data Breach: Fashion retailer Forever 21 reveals a breach affecting 500,000 customers, compromising names, dates of birth, and sensitive financial details.

  • Duolingo Data Breach: Personal information of 2.6 million Duolingo users, including names and contact details, is leaked on BreachForums.

July 2023:

  • Maximus Data Breach: US government contractor Maximus suffers a major breach, exposing health-related data of 8 to 11 million citizens.

  • Roblox Data Breach: The data of 4,000 Roblox developers is exposed, including phone numbers and email addresses.

  • PokerStars Data Breach: The Cl0p ransomware cartel breaches PokerStars, stealing data of 110,000 customers, including social security numbers.

June 2023:

  • American Airlines Data Breach: Personal information of thousands of pilots applying for roles at American Airlines and Southwest Airlines is stolen.

  • UPS Canada Data Breach: United Parcel Service hints at customer data exposure in Canada due to fraudulent messages.

May 2023:

  • Apria Healthcare Data Breach: US healthcare company Apria Healthcare notifies 1.9 million customers of a data breach affecting select systems.

  • Suzuki Data Breach: Car manufacturer Suzuki halts operations in India after a cyberattack, resulting in a production loss of over 20,000 vehicles.

April 2023:

  • Pizza Hut/KFC Data Breach: Yum! Brands reports a ransomware attack exposing personal data, including names and ID card information.

  • MSI Data Breach/Ransomware Attack: Micro-Star International faces a data breach, with ransomware group Money Message demanding $4 million for stolen information.

March 2023:

  • ChatGPT Data Leak: OpenAI's ChatGPT experiences a data leak, exposing customer data, including credit card information.

  • US House of Representatives Data Breach: A healthcare provider in Washington DC, handling sensitive data of federal legislators, suffers a breach affecting up to 170,000 people.

February 2023:

  • Activision Data Breach: Call of Duty maker Activision reveals a data breach from a phishing attack, compromising employee data and content schedules.

  • Atlassian Data Breach: Australian software company Atlassian faces a data breach with hacker group "SiegedSec" accessing employee data and office floor plans.

January 2023:

  • JD Sports Data Breach: Fashion retailer JD Sports experiences a data breach affecting up to 10 million people, advising customers to remain vigilant.

  • Twitter Data Breach: A bank of email addresses belonging to 200 million Twitter users is sold on the dark web, highlighting persistent security challenges.

The escalating frequency and severity of data breaches underscore the imperative for organizations to enhance cybersecurity measures and address vulnerabilities promptly.