Data Breaches in October 2023

Data Breaches in October 2023

A data breach refers to a security event in which unauthorized access, utilization, or disclosure of sensitive data occurs without the explicit consent of the individual to whom the data belongs. Data breaches have the potential to transpire throughout organizations spanning various sizes and industries, hence exerting a substantial influence on both persons and enterprises. The following list comprises the five most notable data breaches documented in October 2023.

What Are Data Breaches?

Data breaches can be ascribed to a variety of sources, encompassing cyberattacks executed by proficient hackers as well as insider threats originating from within an entity.  Hackers leverage vulnerabilities inside information security systems by employing various approaches such as malware, phishing, and software exploits.  The unauthorized disclosure of sensitive information by employees or individuals, whether accidental or intentional, poses a significant risk.  Additionally, the continuous concern of physical theft of equipment storing data exacerbates this issue.

In addition, insufficient security measures, such as the utilization of easily guessable passwords and the failure to update software, also give rise to vulnerabilities that can be exploited, resulting in data breaches. The range of compromised data is diverse, encompassing personal identifiable information (PII), financial records, healthcare data, and intellectual property.  These breaches can result in identity theft, financial ramifications, and substantial damage to an organization’s reputation.

In order to address these risks effectively, it is imperative to implement robust cybersecurity measures, which encompass the utilization of encryption, regular software updates, and comprehensive employee training.

Top Cyber Attacks and Data Breaches in October 2023

D-Link: October 2, 2023

Successful phishing attack, breaching records on a server that reached the end of life in 2015, though the information itself was “of low-sensitivity and semi-public.”  Around 700 records were breached.

Rock Country: October 2, 2023

Ransomware attacks encrypted files and took systems, including critical ones, offline.  The attackers demanded $1.9 million (about ₤1.55million), which the country refused to pay.  Unknown, but no reason to assume “sensitive” personal data of employees was stolen.

23andMe: October 6, 2023

Credential stuffing attacks, resulting in initially 1 million data packs of Ashkenazi Jews leaked on a hacking forum, to which an additional 4.1 million genetic data profiles of UK and German residents have now been added.  5,150,779 (1 million originally, plus an additional 4,150,779 from the hacker’s update) records were breached. October 11, 2023

Unauthorized access to the web application’s server, leads to a personal data breach.  The likely root cause was a misconfiguration — specifically, the disabling of certain network security settings due to human error.  126,970 (91,921 customers in Japan, and 35,049 customers in 148 other countries and regions) records breached.

AirEuropa: October 11, 2023

The airline urged victims to cancel their credit cards following the hack.  It also stated that no other personal information had been exposed in the data breach and that it had informed the relevant authorities.

AKUMIN: October 11, 2023

The Akira ransomware group claims to have exfiltrated 430 GB of data from Akumin Inc., a medical imaging company, after breaching the company’s firewall.

American Family Insurance: October 23, 2023

After detecting unusual activity on its network, which turned out to be a cyber attack, the company shut off its IT systems to prevent it from spreading.  The company has so far not detected compromises to customer data processing systems, but did disrupt its phone and online services, and building connectivity.

Okta: October 25, 2023

Okta/via REUTERS

Okta only fully contained the situation 15 days later, giving the attackers access to Okta’s support platform for at least 2 weeks, breaching sensitive information like cookies and session tokens from recent support cases by some customers.  Unknown, but a “very, very small subset” of Okta’s more than 18,000 customers records breached.

Stanford University: October 30, 2023

An unauthorized third party gained access to Stanford University systems and breached the personal information of students, applicants, alumni, donors, employees, contractors, research study participants, and University Health Service and School of Dentistry patients.

Aadhaar: October 31, 2023

A massive data breach exposed about 815 million Indians’ personal information on the dark web, including Aadhaar and passport data.

How News4Hackers Can Help?

News4Hackers is the leading Cybersecurity Info and News Portal that provides authentic info on the latest cyber-attacks and related incidents throughout the world.  Apart from this, you will certainly see a bulk of informative cyber security articles on the official website of News4Hackers in order to enhance the knowledge parameters of our readers globally.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space.  Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM.  Naager entered the field of content in an unusual way.  He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts.  He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field.  In the bottom line, he frequently writes for Craw Security.


Analysis Started Coming From Security Analysts After Massive Data Breach of Adhaar Card

Cyber Attacks in 2023: What Is a Brute Force Attack?

The Impact of AI on Cybersecurity: Pros & Cons

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

Open chat
Can we help you?