There was a wide range of cyber attacks in 2023, featuring sophisticated threat actors, nation-state recon, and thousands of data breaches. The cybersecurity community has not had an easy year, and these major cyber attacks have resulted in significant, real-world damages. In light of the new year, here is a breakdown of the top cyber attacks of 2023.
1. Huge Financial Losses Faced by Royal Mail
Kicking off 2023 with a brutal cyber attack: Royal Mail, the UK postal service, fell victim to a ransomware attack, causing a temporary suspension of its international delivery operations. The notorious LockBit group then demanded £65.7 million ($79.85 million) in exchange for the stolen data. Royal Mail refused to comply with the extortion demand. However, the aftermath of the cyber attack inflicted substantial financial loss, compelling them to allocate approximately £10 million towards ransomware remediation.
2. Massive Data Breach at T-Mobile
In a significant data breach at T-Mobile, a staggering 37 million customers fell victim to an API cyber attack that compromised personal and account information. The breach initially occurred on November 25, 2022, and went undetected until January 5, 2023. To add insult to injury, T-Mobile later disclosed another breach in February and March, leading to further damages. Collectively, these breaches exposed millions of customers to heightened vulnerability, making them susceptible to potential fraudulent activities.
3. Ransomware Attack Leads to a State of Emergency in Oakland
February 2023 witnessed a dire turn of events with a cyber attack that shut down government administrations. The City of Oakland, California, found itself grappling with the repercussions of a ransomware attack, prompting the local administration to declare a state of emergency. Hackers successfully accessed a decade's worth of highly sensitive data from the city's servers. The stolen data encompassed crucial details about employees occupying sensitive roles, including those within the police force, amplifying the gravity of the breach.
4. Exploitation at MOVEit File Transfer
Mid-2023 was met with a widespread cyber attack at MOVEit, a file transfer software. The exploitation of a zero-day vulnerability affected numerous organizations across diverse sectors, including media and healthcare. The infamous ransomware group, Clop, took advantage of this flaw in May 2023. Despite the use of a patch by May 31, Clop persisted, leading to a surge in ransomware attacks. The aftermath of this incident is believed to have played a significant role in the record number of ransomware attacks observed in July 2023.
Since then, multiple class action lawsuits have been initiated against the company that developed MOVEit, Progress, as well as affected organizations, for their perceived failure to establish sufficient security protocols. Potential claims have included business interruption, privacy fines or other penalties, and class action suits resulting from data exfiltration.
The attack served as a reminder of possible systemic risk events facing cyber insurers, as digital supply chains continue to be a massive vulnerability to insureds and insurers alike. It also highlighted the difficulties insurers face in identifying exposures to zero-day vulnerabilities such as this in their portfolios, and the impacts on their insureds' supply chains. Many insureds will have found their cyber towers suffered massive losses as a result of this attack, so seeking damages, even where entitled, may prove to be a challenge.
5. MGM Taken Down by Cyber Attacks
September 2023 marked a pivotal moment for MGM Resorts International as it disclosed a significant cyber attack involving multiple hotels and casinos. The ALPHV/BlackCat ransomware gang orchestrated the attack, using social engineering as an initial entry point. They were able to find an MGM Resorts employee on LinkedIn, impersonate them, and call the organization’s service desk to ask for access to their account. This suggests that MGM didn’t have a system to enforce end user verification at the service desk. After initial entry, they gained administrator rights and proceeded to deploy a ransomware attack. Despite the firm’s refusal to meet their ransom demand, the consequences were profound, with the incident incurring a staggering cost exceeding $100 million for MGM Resorts International. This incident underscored the financial toll and resilience required to withstand the impact of ransomware attacks within the realm of large-scale enterprises.
6. 23andMe Faces Major Data Breach
Spooky season hailed a major cyber attack at 23andMe, an incident that underscored the vulnerability of systems that house deeply personal information. In October, the company acknowledged that its customers fell victim to a security breach, where profile information was compromised. The actors utilized a technique known as credential stuffing, leveraging previously compromised usernames and passwords to gain unauthorized access to user accounts. This method's effectiveness is often compounded by the common practice of password recycling across different services. The threat actor asserted control over an extensive trove of 20 million data records. Subsequent investigations by 23andMe verified that the breach had affected over 6 million individuals, with the hackers successfully accessing a substantial volume of files containing detailed information about users' ancestral backgrounds. This breach raised significant alarms about the security of personal data and its potential ramifications for the affected individuals.
The incident led to a class-action lawsuit against 23andMe, accusing the company of failing to protect the privacy of customers whose data were exposed. The lawsuit alleges that 23andMe did not adequately protect the privacy of customers, particularly those of Chinese and Ashkenazi Jewish descent. The legal repercussions of this breach are significant, as they set a precedent for how genetic data breaches are handled and the accountability of companies in protecting sensitive customer data.
Overall, 2023 brought an onslaught of damaging cyber attacks affecting organizations from a plethora of industries. From software companies to government buildings to hotels, data breaches and ransomware attacks have led to financial losses in the millions of dollars. Hopefully, 2024 will encourage a rise in cyber insurance and security measures.