Whether the first half of 2023 felt endless or fleeting, or both, massive hacks, data breaches, digital scams, and ransomware attacks persisted unabated throughout it.
Amid the Covid-19 epidemic, global geopolitical upheaval, economic instability, and acrimonious human rights conflicts, cybersecurity vulnerabilities and cyberattacks have become deeply ingrained in many facets of daily life.
But there’s still more to come with six more months left in the year. Here are some of the biggest breaches of online security this year.
1. Microsoft Breached by Lapsus$ Hacker Group
The hacking collective Lapsus$ announced, through a screenshot posted to their Telegram channel on March 20, 2023, that they had infiltrated Microsoft.
The screenshot, taken inside the Microsoft collaboration tool Azure DevOps, showed that the intrusion affected Bing, Cortana, and other projects.
Microsoft released a statement on March 22 acknowledging that the attack had taken place. According to Microsoft’s explanation, only one account was taken over in the attack, and the company’s security staff was able to stop it before Lapsus$ could infiltrate further into the organization. The company claimed that no customer data had been accessed.
Lapsus$ is “a large-scale social engineering and extortion campaign against several enterprises with some seeing signs of harmful aspects,” according to the security team at Microsoft. They thoroughly describe the group’s strategies, proving that Microsoft had been closely researching Lapsus$ before the incident.
Lapsus$, on the other hand, has frequently asserted that they are acting only for commercial gain: “Remember: We have no political motivations; money is our only purpose.” They recently released a message encouraging tech professionals to hack their workplaces, showing that they appear to take advantage of insider threats.
2. Telecoms Breach by Chinese Hackers
The US Cybersecurity and Infrastructure Security Agency issued a warning at the beginning of June stating that hackers backed by the Chinese government had compromised several critical targets worldwide, including “major telecoms corporations.”
According to CISA, they did this by concentrating on known router flaws and flaws in other network hardware, including products from suppliers like Cisco and Fortinet.
The warning did not name any particular victims. Still, it alluded to concern over the findings and the need for enterprises to strengthen their digital defenses, particularly when managing substantial amounts of sensitive user data.
According to CISA, the advisory describes the targeting and breach of significant telecommunications corporations and network service providers. Over the past few years, several high-severity vulnerabilities in network devices have allowed cybercriminals to regularly exploit and gain access to insecure infrastructure equipment. Additionally, these devices are frequently overlooked.
Separately, News Corp was infiltrated by hackers who were probably carrying out Chinese espionage, as the business learned on January 20.
News Corp quickly claimed that no client information was taken during the breach and that normal business operations had not been interfered with.
Instead, News Corp found proof that its journalists’ emails had been taken.
Although the thieves have not been found, News Corp has suggested that espionage is the cause of the hack, which makes sense given that News Corp servers house a lot of sensitive data.
The Wall Street Journal and its parent company, Dow Jones, the New York Post, as well as several magazines in Australia are all owned by News Corp.
3. Red Cross
In a cyberattack on the International Committee of the Red Cross, hackers stole the data of more than 515,000 incredibly vulnerable people, some of whom had fled the war.
Red Cross stated, “A sophisticated cybersecurity attack against computer servers hosting information held by the International Committee of the Red Cross (ICRC) was detected this week.”
They also said, “The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.”
The organization, which has its headquarters in Geneva, has no immediate information on a potential attacker.
According to the report, the hackers targeted a Swiss company that the ICRC hires to hold data on its behalf. There was no proof that the compromised data had been disclosed or made available to the general public.
According to the International Committee of the Red Cross (ICRC), its “most pressing concern” is the “potential risks that come with this breach – including confidential information being shared publicly – for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families.”
The data was considered to have originated from at least 60 national Red Cross and Red Crescent groups around the world.
The ICRC director general, Robert Mardini, called on those responsible to do the right thing and not share, sell, leak, or otherwise use that data.
Due to the attack, the ICRC was obliged to take down the computer systems supporting its Restoring Family Links program, which works to reconnect families split apart by conflict, catastrophe, or migration.
4. Crypto.com
One of the world’s largest and best-known cryptocurrency exchanges, Crypto.com, which famous actor Matt Damon now supports, acknowledged that 483 of its users were affected by a hack earlier this year that resulted in $35 million worth of unauthorized withdrawals of bitcoin and ether from the exchange. The business had initially claimed that the crime had netted $15 million.
The business reported noticing that, for a small number of accounts, transactions were being approved without the user providing the second factor of authentication, which is the extra one-time code, beyond the passcode, that permits access to the system.
All withdrawals on Crypto.com were suspended for 14 hours while it conducted its investigation. All clients were then required to log in and go through a fresh two-factor authentication process.
As an additional precaution, Crypto.com created a feature that notifies the user whenever a new address is added to an account as a payee and gives them 24 hours to reverse any payment they did not authorize.
The breach is one of many attacks that have resulted in multimillion-dollar losses in the crypto industry.
5. Cash App
Block, Inc., the parent company of Cash App, stated in an SEC filing that it sought to get in touch with some 8.2 million past and present users of its investment services after a data breach exposed names, brokerage portfolio values, and account numbers.
A worker who had regular access to the files during their tenure downloaded client records after leaving the company, according to Block’s form 8-K. The company stated that Social Security numbers, birthdays, payment card information, and other personally identifiable information were not accessed, and the reports did not include Cash App users or passwords.
It was obvious that the offender had a serious vendetta against the company. The attack involved client names, stock trading information, account numbers, portfolio values, and other very sensitive financial data.
Cybersecurity should be at the top of your list so your business doesn’t end up on a list like this. Businesses of any size should move it near the top of their business plan. If you are looking for a great SMB managed IT security partner, we recommend MyTek; even if you decide not to go with them, they will be a tough act to follow.