This year, 2023, was a hell of a year for data breaches, much like the year before it (and the year before that, etc.). Over the past 12 months, we’ve seen hackers ramp up their exploitation of bugs in popular file-transfer tools to compromise thousands of organizations, ransomware gangs adopt aggressive new tactics aimed at extorting their victims, and attackers continue to target under-resourced organizations, such as hospitals, to exfiltrate highly sensitive data, like patients’ healthcare information and insurance details.

In fact, according to October data from the U.S. Department of Health and Human Services (HHS), healthcare breaches affected more than 88 million individuals, up by 60% compared to last year. And that doesn’t even account for the last two months of the year.

We’ve rounded up the most devastating data breaches of 2023. Here’s hoping we don’t have to update this list before the year is out…

Fortra GoAnywhere

Just weeks into 2023, hackers exploited a zero-day vulnerability affecting Fortra’s GoAnywhere managed file-transfer software, allowing the mass hacking of more than 130 companies. This vulnerability, tracked as CVE-2023-0669, was known as a zero-day because it was actively exploited before Fortra had time to release a patch.

The mass hacks exploiting this critical remote injection flaw were quickly claimed by the notorious Clop ransomware and extortion gang, which stole data from more than 130 victim organizations. Some of those affected included NationBenefits, a Florida-based technology company that offers supplementary benefits to its 20 million-plus members across the United States; Brightline, a virtual coaching and therapy provider for children; Canadian financing giant Investissement Québec; Switzerland-based Hitachi Energy; and the City of Toronto, to name just a few.

As revealed by TechCrunch in March, two months after news of the mass hacks first came to light, some victim organizations only learned that data had been exfiltrated from their GoAnywhere systems after they each received a ransom demand. Fortra, the company that developed the GoAnywhere tool, previously told these organizations that their data was unaffected by the incident.

Royal Mail

January was a busy month for cyberattacks, as it also saw U.K. postal giant Royal Mail confirm that it had been the victim of a ransomware attack.

This cyberattack, first confirmed by Royal Mail on January 17, caused months of disruption, leaving the British postal giant unable to process or dispatch any letters or parcels to destinations outside of the United Kingdom. The incident, which was claimed by the Russia-linked LockBit ransomware gang, also saw the theft of sensitive data, which the hacker group posted to its dark web leak site. This data included technical information, human resources and staff disciplinary records, details of salaries and overtime payments, and even one staff member’s COVID-19 vaccination record.

The full scale of the data breach remains unknown.

3CX

Software-based phone system maker 3CX is used by more than 600,000 organizations worldwide with more than 12 million active daily users. But in March, the company was compromised by hackers looking to target its downstream customers by planting malware in the 3CX client software while it was in development. This intrusion was attributed to Labyrinth Chollima, a subunit of the notorious Lazarus Group, the North Korean government hacking unit known for stealthy hacks targeting cryptocurrency exchanges.

To this day, it’s unknown how many 3CX customers were targeted by this brazen supply-chain attack. We do know, however, that another supply-chain attack caused the breach. As per Google Cloud-owned Mandiant, attackers compromised 3CX by way of a malware-tainted version of the X_Trader financial software found on a 3CX employee’s laptop.

Capita

April saw hackers compromise U.K. outsourcing giant Capita, whose customers include the National Health Service and the U.K. Department for Work and Pensions. The fallout from this hack spanned months as more Capita customers learned that sensitive data had been stolen, many weeks after the compromise had first taken place. The Universities Superannuation Scheme, the U.K.’s largest private pension provider, was among those affected, confirming in May that the personal details of 470,000 members were likely accessed.

This was just the first cybersecurity incident to hit Capita this year. Not long after Capita’s huge data breach, TechCrunch learned that the outsourcing giant left thousands of files, totaling 655 gigabytes in size, exposed to the internet since 2016.

MOVEit Transfer

The mass exploitation of MOVEit Transfer, another popular file-transfer tool used by enterprises to securely share files, remains the largest and most damaging breach of 2023. The fallout from this incident — which continues to roll in — began in May when Progress Software disclosed a critical-rated zero-day vulnerability in MOVEit Transfer. This flaw allowed the Clop gang to carry out a second round of mass hacks this year to steal the sensitive data of thousands of MOVEit Transfer customers.

According to the most up-to-date statistics, the MOVEit Transfer breach has so far claimed more than 2,600 victim organizations, with hackers accessing the personal data of almost 84 million individuals. That includes the Oregon Department of Transportation (3.5 million records stolen), the Colorado Department of Health Care Policy and Financing (four million) and U.S. government services contracting giant Maximus (11 million).

In September, China-backed hackers obtained a highly sensitive Microsoft email signing key, which allowed the hackers to stealthily break into dozens of email inboxes, including those belonging to several federal government agencies. These hackers, which Microsoft claims belonged to a newly discovered espionage group tracked as Storm-0558, exfiltrated unclassified email data from these email accounts, according to U.S. cybersecurity agency CISA.

In a post-mortem, Microsoft said that it still does not have concrete evidence (or want to share) how these attackers initially broke in, allowing the hackers to steal its skeleton key for accessing email accounts. The tech giant has since faced considerable scrutiny for its handling of the incident, which is thought to be the biggest breach of unclassified government data since the Russian espionage campaign that hacked SolarWinds in 2020.

CitrixBleed

And then it was October, and cue yet another wave of mass hacks, this time exploiting a critical-rated vulnerability in Citrix NetScaler systems. Security researchers say they observed attackers exploiting this flaw, now known as “CitrixBleed,” to break into organizations across the world spanning retail, healthcare and manufacturing.

The full impact of these mass hacks continues to develop. But LockBit, the ransomware gang responsible for the attacks, claims to have compromised big-name firms by exploiting the flaw. The CitrixBleed bug allowed the Russia-linked gang to extract sensitive information, such as session cookies, usernames and passwords, from affected Citrix NetScaler systems, granting the hackers deeper access to vulnerable networks. This includes known victims like aerospace giant Boeing, law firm Allen & Overy and the Industrial and Commercial Bank of China.

23andMe

In December, DNA testing company 23andMe confirmed that hackers had stolen the ancestry data of half of its customers, some 7 million people. However, this admission came weeks after it was first revealed in October that user and genetic data had been taken after a hacker published a portion of the stolen profile and DNA information of 23andMe users on a well-known hacking forum.

23andMe initially said that hackers had accessed user accounts by using stolen user passwords that were already made public from other data breaches, but later admitted that the breach had also affected those who opted into its DNA Relatives feature, which matches users with their genetic relatives.

After revealing the full extent of the data breach, 23andMe changed its terms of service to make it more difficult for breach victims to file legal claims against the company. Lawyers described some of these changes as “cynical” and “self-serving.” If the breach did one good thing, it’s that it prompted other DNA and genetic testing companies to beef up their user account security in light of the 23andMe data breach.
