{"id":127303,"date":"2023-12-28T08:08:28","date_gmt":"2023-12-28T06:08:28","guid":{"rendered":"https:\/\/10guards.com\/?p=127303"},"modified":"2024-04-18T19:12:14","modified_gmt":"2024-04-18T17:12:14","slug":"data-breaches-that-hit-the-headlines-in-2023","status":"publish","type":"post","link":"https:\/\/10guards.com\/es\/blog\/2023\/12\/28\/data-breaches-that-hit-the-headlines-in-2023\/","title":{"rendered":"Data Breaches that hit the headlines in 2023"},"content":{"rendered":"<p class=\"qtranxs-available-languages-message qtranxs-available-languages-message-es\">Disculpa, pero esta entrada est\u00e1 disponible s\u00f3lo en <a href=\"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts\/127303\" class=\"qtranxs-available-language-link qtranxs-available-language-link-en\" title=\"en\">en<\/a> y <a href=\"https:\/\/10guards.com\/ua\/wp-json\/wp\/v2\/posts\/127303\" class=\"qtranxs-available-language-link qtranxs-available-language-link-ua\" title=\"ua\">ua<\/a>.<\/p><p><strong>As we round off the year, take a look at some of the most noble cyber breaches that took place every month this year.<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p>This year\u2019s cyber-threat landscape was uniquely ferocious. The global average cost of a data breach rose to $4.45 million, up 15% over the past three years\u00a0<a href=\"https:\/\/www.ibm.com\/reports\/data-breach\">according to IBM<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>This year also saw nearly 6 billion breached records, 3.8 billion of which came from one breach alone. 1 billion emails alone were exposed, meaning one in five internet users were affected.<\/p>\n<p>&nbsp;<\/p>\n<p>That being said, here are some of the most notorious breaches from each month of the year.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>January<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Twitter<\/strong><strong>\u00a0<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>Just a few days into the new year, the email addresses tied to 235 million Twitter accounts were shared online in a hacking forum. While the exposed information didn\u2019t extend beyond that, it did bring with it broader implications. Many users post anonymously, and exposing the email address used to set up an account could identify users who post dissent in authoritarian nations.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">.<a href=\"https:\/\/twitter.com\/elonmusk?ref_src=twsrc%5Etfw\">@elonmusk<\/a>, just got an alert from credit monitoring that my information was leaked in a data breach from <a href=\"https:\/\/twitter.com\/twitter?ref_src=twsrc%5Etfw\">@Twitter<\/a>? Can you share any information on this breach and what Twitter is doing to protect our information? <a href=\"https:\/\/t.co\/IeJpO9JKx2\">pic.twitter.com\/IeJpO9JKx2<\/a><\/p>\n<p>&mdash; James Locke (@arctechinc) <a href=\"https:\/\/twitter.com\/arctechinc\/status\/1613334397012570114?ref_src=twsrc%5Etfw\">January 12, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>JD Sports<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The sports clothing retailer JD Sports suffered a breach that affected about 10 million customers. The data was confined to billing and delivery addresses, phone numbers, order details, and the final four digits of payment cards, opening affected users up to be the victim of scams.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>T-Mobile<\/strong><strong>\u00a0<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>This US company disclosed that 37 million prepaid and postpaid accounts were exposed. This breach marked the ninth since 2018. The company said they first noticed the attack on January 5th and said that the information obtained for each customer varied, but \u201cmay have included full name, contact information, account number and associated phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines.\u201d<\/p>\n<h3><\/h3>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>February<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>PeopleConnect<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>This background check services organization confirmed a data breach that affected 20 million people. The breach happened when criminals leaked a 2019 backup database which included information from customer accounts created between 2011 and 2019. Information included email addresses, hashed passwords, and full names.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Ion Group<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>LockBit, a Russian-linked ransomware gang, attacked software provider Ion Group, a company that plays a key role in the underbelly of trading, debt, and derivatives in Square Mile and around the world. While only 42 clients were affected, the attack had a knock-on effect, leading to other trade processing systems to process trades manually.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The City of London traders hit by <a href=\"https:\/\/twitter.com\/hashtag\/Russia?src=hash&amp;ref_src=twsrc%5Etfw\">#Russia<\/a>-linked <a href=\"https:\/\/twitter.com\/hashtag\/cyberattack?src=hash&amp;ref_src=twsrc%5Etfw\">#cyberattack<\/a>. Lockbit targeted trading software provider Ion Group. Ion said 42 clients have been affected by the attack as it faces disruption in its cleared derivatives division. <a href=\"https:\/\/t.co\/pia0PNdYeT\">https:\/\/t.co\/pia0PNdYeT<\/a><\/p>\n<p>&mdash; Share_Talk \u2122 (@Share_Talk) <a href=\"https:\/\/twitter.com\/Share_Talk\/status\/1620810031410319360?ref_src=twsrc%5Etfw\">February 1, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p><span style=\"color: #afcf60;\"><strong>Royal Mail<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The same group that hit Ion Group also hit Royal Mail earlier in the month. After refusing to pay an $80m ransom, around 11,500 Post Office branches were unable to handle international mail or parcels. While the disruption lasted roughly six weeks, according to TechCrunch, the 45 GB data dump published from the attack by LockBit did not contain much sensitive customer or financial information.<\/p>\n<h3><\/h3>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>March<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Latitude Financial<\/strong><strong>\u00a0<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The largest data breach this month was at Latitude Financial, with over 14 million records compromised. The Melbourne-based company provides personal loans and credit cards to people in Australia and New Zealand. Hackers were able to steal almost 8 million driver\u2019s licenses, 53,000 passport numbers, dozens of monthly financial statements, and 6 million records dating back to 2005.<\/p>\n<p>&nbsp;<\/p>\n<h4><span style=\"color: #afcf60;\"><strong>ChatGPT<\/strong><\/span><\/h4>\n<p>&nbsp;<\/p>\n<p>ChatGPT, perhaps the most prolific website of 2023, experienced a breach in March of this year, which saw the payment-related information of 1.2% of ChatGPT Plus subscribers who were active during a specific nine-hour window be exposed on March 20th. According to\u00a0<a href=\"https:\/\/www.digit.fyi\/technology\/artificial-intelligence\/\">OpenAI<\/a>\u00a0officials, some users were able to see other users\u2019 email addresses, payment addresses, last four digits of credit card numbers, and credit card expiration dates.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">OpenAI&#39;s ChatGPT has suffered its first major personal data breach.<\/p>\n<p>The breach came during a March 20 outage and exposed payment-related and other personal information of 1.2% of the ChatGPT Plus subscribers who were active during a specific nine-hour window.<\/p>\n<p>&mdash; George Njoroge (@georgenjoroge_) <a href=\"https:\/\/twitter.com\/georgenjoroge_\/status\/1639960002390622209?ref_src=twsrc%5Etfw\">March 26, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Capita<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>One of the UK\u2019s largest\u00a0<a href=\"https:\/\/www.digit.fyi\/business\/\">business<\/a> processing outsourcing companies was hit by a ransomware attack, where criminals managed to exfiltrate data from Capita\u2019s servers belonging to around 90 organizations. The organization deals with the pensions of about 4.5 million people from companies such as Royal Mail, PwC, and Axa. The breach is believed to have cost Capita up to \u00a325 million.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>April<\/strong><strong>\u00a0<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Shields Health Care Group<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The largest data breach this month was Shields Health Care Group, based in Massachusetts, US. The cyber-criminal gained access to the personal data of 2.3 million people, for two weeks which included social security numbers, dates of birth, home addresses, <a href=\"https:\/\/www.digit.fyi\/sectors\/health\/\">healthcare<\/a> provider information and healthcare history, billing information, insurance numbers, and other financial details.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Yum! Brands<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>This month, Yum! Brands, which represents KFC Taco Bell, and Pizza Hut announced they had suffered from a cyber-attack that affected both corporate and employee data. The attack resulted in almost 300 locations across the UK shutting down.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>MSI<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The computer hardware company confirmed that a ransomware gang called Money Message had stolen 1.5TB of company data including source code and threatened to make the data public if MSI didn\u2019t pay $4 million. When no ransom was paid, Money Message began to leak the MSI data on its leak site.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">MSI confirms security breach after Money Message ransomware attack: Multinational\u00a0IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message\u2026 <a href=\"https:\/\/t.co\/DrXVi8Y4B6\">https:\/\/t.co\/DrXVi8Y4B6<\/a> <a href=\"https:\/\/t.co\/514tdJyMaQ\">pic.twitter.com\/514tdJyMaQ<\/a><\/p>\n<p>&mdash; Shah Sheikh (@shah_sheikh) <a href=\"https:\/\/twitter.com\/shah_sheikh\/status\/1644424455463276544?ref_src=twsrc%5Etfw\">April 7, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>May<\/strong><strong>\u00a0<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Discord<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>During this month, the popular messaging platform notified its users of a data breach that occurred when a third-party support agent\u2019s account was compromised, giving the attackers access to the agent\u2019s support ticket queue. As a result, user email addresses, customer service messages, and any attachments sent between users and Discord may have been exposed.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>US Government<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The system that is used to process transport expenses that\u00a0<a href=\"https:\/\/www.digit.fyi\/sectors\/government\/\">government<\/a> employees commuting into offices claim back was hit by a breach, which resulted in roughly 237,000 employees being exposed. However, the US Congress pointed out that the breach was isolated and no systems that dealt with transportation safety had been affected.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Sony<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>A zero-day exploit was carried out by the Clop ransomware group this month which exposed the data of 6,791 current and former Sony employees. The specifics of what stolen personal data was redacted by Sony, however, the company did disclose that the hackers were able to access personally identifiable information about US-based employees.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>June<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>MOVEit<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>Perhaps one of the most prolific cyber-attack campaigns of the year was carried out by the Clop ransomware gang. They exploited a zero-day bug in the MOVEit enterprise file transfer tool, which led to data stolen from roughly 2,000 organizations, and data thefts affecting more than 62 million people. In the UK, an HR solutions and payroll provider was targeted, exposing data from companies like Bots, British Airways, and the BBC.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The cl0p ransomware gang has added a public statement on their dark web\/Tor hidden services .onion leak site, claiming responsibility for the MOVEit Transfer exploitation.<\/p>\n<p>They are starting the clock to hear from victims until June 14th. <a href=\"https:\/\/t.co\/wvuzzQj7Y1\">pic.twitter.com\/wvuzzQj7Y1<\/a><\/p>\n<p>&mdash; John Hammond (@_JohnHammond) <a href=\"https:\/\/twitter.com\/_JohnHammond\/status\/1666216090584887296?ref_src=twsrc%5Etfw\">June 6, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>UK Universities<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>A risk monitoring platform discovered that 2.2 million breached credentials were found on the dark web for the UK&#8217;s top 100 universities. 57% of the emails, usernames, and passwords discovered belonged to Russel Group Universities which include the University of Edinburgh, and the University of Glasgow, as well as larger universities like the University of Oxford and Cambridge.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Reddit<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>Hackers from the BlackCat ransomware gang threatened Reddit with leaking 80GB of confidential data stolen from its servers. The gang asked for $4.5 million in payment and for Reddit to renege on a new controversial pricing policy.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>July<\/strong><strong>\u00a0<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Tigo<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>This video chat platform leaked more than 700,000 people\u2019s data online, including names, usernames, gender, email, and IP addresses, as well as photos uploaded to accounts and private messages. Tigo is one of China\u2019s most popular messaging platforms despite the concerns around data <a href=\"https:\/\/www.digit.fyi\/security\/privacy\/\">privacy<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Roblox<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>About 4,000 members in Roblox\u2019s developer community had their data exposed in a lead. The information belonged to people who attended Roblox developer conferences between 2017 and 2020 and includes phone numbers, emails, and dates of birth.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/twitter.com\/railworks2rblx\/status\/1681800099007963137?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1681800099007963137%7Ctwgr%5E6be2e81fc0af3b1abc24b48cfe2b34b508dc6eff%7Ctwcon%5Es1_&#038;ref_url=https%3A%2F%2Fwww.digit.fyi%2Fdata-breaches-2023%2F\">https:\/\/twitter.com\/railworks2rblx\/status\/1681800099007963137?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1681800099007963137%7Ctwgr%5E6be2e81fc0af3b1abc24b48cfe2b34b508dc6eff%7Ctwcon%5Es1_&amp;ref_url=https%3A%2F%2Fwww.digit.fyi%2Fdata-breaches-2023%2F<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Indonesian Immigration Directorate General<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The Immigration Directorate General was breached by a hacktivist known as Bjorka, who lifted the passport data of more than 34 million Indonesians which includes names, genders, passport numbers, expiry and issue dates, and dates of birth. The hacker had listed a vast quantity of this data on the dark web, and law enforcement agencies continue to investigate what they say looks more like a traditional cyber-attack than a politically motivated one.<\/p>\n<h3><strong>\u00a0<\/strong><\/h3>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>August<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>UK Electoral Commission<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>In August the Electoral Commission issued a notification for what it said was a \u201ccomplex cyber-attack\u201d where hostile actors gained access to the UK\u2019s electoral registers, containing the personal information of 40 million people. The personal data included names, email addresses, home addresses, and phone numbers, as well as any data that might have been submitted through web portals or emails.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Hostile actors were active in our systems and had access to servers which held our email, control systems, and copies of the electoral registers. We have since worked with external security experts and the National Cyber Security Centre to investigate and secure our systems.<\/p>\n<p>&mdash; Electoral Commission (@ElectoralCommUK) <a href=\"https:\/\/twitter.com\/ElectoralCommUK\/status\/1688871273445703680?ref_src=twsrc%5Etfw\">August 8, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Northern Ireland Police<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The Police Services of Northern Ireland suffered an attack that led to the breach of personal details of 10,000 staff, including officers, and civilian workers. While addresses, emails, and phone numbers were not exposed, even just the surnames of staff and the department and role they work in were considered a \u201csevere threat\u201d to the staff.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Duolingo<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The popular language education app Duolingo had the data pertaining to 2.6 million users leaked on BreachForums. The data included names, emails, phone numbers, and social media information of the users, as well as which languages they were studying.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>September<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>DarkBeam<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>DarkBeam, a cyber-vulnerability and threat management provider, created a compilation of public data and added them to a database housing information on cyber-breaches between 2018 and 2019, which was in turn left open to the public. This mistake was due to human error, according to researchers, and over 3 billion records were exposed.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>MGM Resorts International<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The popular hospitality and casino company MGM reported a cyber-attack that resulted in over \u00a389 million in costs through both consulting and clean-up fees and the cost of the breach itself. Threat actors were able to get information from customers who transacted with the company before March 2019 and obtained social security numbers, and passport numbers.<\/p>\n<p>&nbsp;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The ALPHV ransomware group has posted a long message about MGM Resorts on their leak site. <a href=\"https:\/\/t.co\/ufBuuOpOaG\">pic.twitter.com\/ufBuuOpOaG<\/a><\/p>\n<p>&mdash; @mikko (@mikko) <a href=\"https:\/\/twitter.com\/mikko\/status\/1702421207738663281?ref_src=twsrc%5Etfw\">September 14, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>October<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>23andMe<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The genetic testing platform 23andMe was involved in a data breach. This led to the exposure of genetically linked relatives, making the impact of the breach felt by about 6.9 million members. In total, the threat actors claim to have breached 20 million data records from the attack.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Indian Council of Medical Research<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>Approximately 815 million Indian citizens had their COVID test and health data exposed by a threat actor who went by the name \u2018pwn0001\u2019.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Air Europa<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The Spanish airline Air Europa had to tell all their customers to cancel credit cards after hackers breached the card numbers, expiration dates, and 3-digit CVV numbers were all extracted from the company\u2019s systems.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>November<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Kid Security<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The parental control app, allowing parents to monitor their child\u2019s online safety exposed more than 300 million data records including 21,000 phone numbers, 31,000 emails, and some payment card data.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Samsung UK<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>A third-party business application utilized by Samsung UK was targeted and resulted in the names, phone numbers, email addresses, and physical addresses of an undisclosed number of customers exposed. The attack impacted customers who made purchases on its eCommerce site between 1 July 2019 and 30 June 2020. The company assured that no financial information was exposed.<\/p>\n<p>&nbsp;<\/p>\n<blockquote>\n<h4><span style=\"color: #afcf60;\"><strong>December<\/strong><\/span><\/h4>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Toyota Financial Services<\/strong><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>So far this month, Toyota Financial Services, a subsidiary of the global automotive giant Toyota Motor Corporation, issued a warning to its customers about a significant data breach following an unauthorized access detected last month in some of its European and African systems. The exact number of victims has not been released, and the company says it is working diligently on an internal investigation into the incident. The threat actors asked for $8 million to delete data.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><strong>Ukraine mobile network Kyivstar <\/strong><\/span><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p>Ukraine&#8217;s biggest mobile network operator said it hoped to restore operations by Wednesday after coming under what appeared to be the largest cyberattack since Russia launched its war on the country in February 2022.<\/p>\n<ul>\n<li>Kyivstar&#8217;s IT systems &#8216;partially destroyed&#8217;<\/li>\n<li>CEO says attack connected to war with Russia<\/li>\n<li>Ukraine investigating possibility of Russian state involvement<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Source: <a href=\"https:\/\/www.digit.fyi\/\">digit.fyi<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Disculpa, pero esta entrada est\u00e1 disponible s\u00f3lo en en y ua.As we round off the year, take a look at some of the most noble cyber breaches that took place every month this year. &nbsp; This year\u2019s cyber-threat landscape was uniquely ferocious. The global average cost of a data breach rose to $4.45 million, up [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":3724,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-127303","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/10guards.com\/wp-content\/uploads\/The-Biggest-Hacks-of-2021.jpg","_links":{"self":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts\/127303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/comments?post=127303"}],"version-history":[{"count":4,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts\/127303\/revisions"}],"predecessor-version":[{"id":127396,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/posts\/127303\/revisions\/127396"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/media\/3724"}],"wp:attachment":[{"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/media?parent=127303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/categories?post=127303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10guards.com\/es\/wp-json\/wp\/v2\/tags?post=127303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}