2023’s biggest data breaches, and how you could prevent them.

Cyber-crime remains one of the most significant threats to an organisation. Suffering a data breach causes immediate disruption to business operations, significant financial consequences, and shreds reputation and trust.

Not only is it a serious threat, but it’s a regular one. In July of this year alone, there were 87 recorded data breaches - almost three per day. Businesses are now faced with defending themselves from skilled cyber criminals, often highly financially and/or politically motivated, leveraging advanced technology to relentlessly attempt to find a chink in their victim’s cyber armour. Unfortunately, it’s a case of when, not if, they break in.

Cyber crime has cost companies hundreds of millions of pounds over the year so far. In fact, the UK has suffered over 40% of all cyber attacks in European countries. Even the largest organisations cannot escape the consequences that follow a major data breach: a comprehensive approach to cyber security has never been more critical.

Clop's MOVEit campaign

In what is, technically speaking, hundreds of separate cyber attacks, the Clop (Cl0p) ransomware gang earlier this year exploited a zero-day vulnerability in the MOVEit managed file transfer application, which they then leveraged to breach over 600 organisations across the world. The vulnerability, CVE-2023-34362, allowed Clop to break into organisational networks and exfiltrate as much data as possible – skipping the malicious encryption process that ransomware gangs are typically notorious for. Clop then used – and are still using – the stolen data as bargaining power in extortion campaigns, threatening to publish all stolen information if their victims did not pay a significant ransom fee. Clop are now forecast to make over $75 million from the MOVEit campaign.

Capita

London-based professional outsourcing giant Capita was impacted twice this year by data breaches – the first caused by a BlackBasta cyber attack in March. The ransomware attack left Capita’s clients unable to provide vital services, and resulted in a major data breach of sensitive information. The second resulted from a series of files being left in an unsecured Amazon Web Services bucket. These files contained the details of a number of local councils’ tax and benefit data, and led to the Information Commissioner’s Office receiving reports from 90 organisations detailing their own subsequent data breaches.

Capita’s entire business took a huge hit from these incidents, with the company posting first half pre-tax losses of £67.9 million, and still facing the potential of a huge fine. Capita's reputation may never recover.

Twitter

Twitter, now X, suffered a massive data breach at the start of the year when hackers managed to steal the email addresses of over 200 million Twitter users and list them for sale. The breach stemmed from a bug in the Twitter API that enabled criminals to submit contact information and receive any associated accounts. Multiple threat actors exploited this vulnerability to create datasets that were found in general circulation on online forums. Reports suggested that both European and American regulators would take interest in the incident; with Twitter’s history of data protection compliance issues, and during a time of massive change at the company, this data breach was a PR nightmare.

JD Sports

In January, JD Sports suffered the largest attack on a UK company so far this year, when the data of 10 million customers was put at risk following unauthorised access to one of their systems. This exposed the sensitive data – including names, addresses, email addresses, phone numbers, and order details – of individuals who had made an online order with the retailer between November 2018 and October 2020.

Upon discovery, JD Sports notified the Information Commissioner’s Office, and contacted affected individuals due to the increased risk of phishing using their data. The company also enlisted the help of cybersecurity experts to investigate and respond to the incident.

Due to the historic nature of the stolen data, questions have been raised as to the volume of data that JD Sports has been storing, and the levels of protection placed around it.

Latitude

A major cyber-attack at Australian consumer credit lender Latitude Financial in March exposed the data of 14 million individuals. According to the lender, 96% of the stolen information related to driving licence copies or numbers, while 4% was passport numbers and copies.

The attack was sophisticated – Latitude first noticed unusual activity that they believed to have originated from a vendor. It turned out that cyber criminals had stolen a Latitude employee’s credentials from one of the company’s technology vendors, which they then used to log into two different service providers and start stealing data.

The attack has had a devastating impact on Latitude’s finances, with an actual spend on the cyber incident of $53 million – a significant portion of the company’s $76 million pre-tax loss for the first half of the year.

Each one of these breaches has had a severe impact on its victims’ business operations, whether it causes a devastating blow to finances or shreds business reputation and trust. Even when these businesses have dealt with the short-term consequences of these incidents, they will be repairing the damage to their reputations for years to come – some may never fully recover.

How can your organisation protect itself?

The best way to ensure that your business doesn’t fall victim to cyber crime is to fortify your detection, response, and recovery capabilities with a comprehensive cyber security strategy. Thanks to AI and advanced technology, cyber attacks now happen at a rapid pace. Your response has to be fast and accurate; the best way to ensure a fast, complete response is through a proactive security strategy.

Threat detection is the first line in your cyber security defences. SIEM solutions continuously scan and monitor your network in real time, combining AI and automation to provide instant alerts of any anomalies or potential threats. These alerts facilitate a rapid investigation and response, minimising the amount of time that hackers may have in your systems and mitigating the risk of any breach escalating. Including an incident recovery plan in your cyber security strategy is essential for minimising the damage caused by a cyber attack, and preventing as much downtime as possible for critical operations.

Protecting yourself from advanced cyber threats requires advanced security technology. Not only is this technology expensive, but it requires skilled security professionals to be effective – professionals in very high demand and very short supply. Utilising managed security service providers (MSSPs) can be a powerful solution to these challenges – you can gain access to advanced technology and highly skilled security staff in a cost-effective manner that doesn’t burden you with expensive up-front costs and high salaries. For IT decision makers trying to balance their security needs with a shrinking budget, an MSSP can be invaluable.

Cyber Resilience Assessment

Celerity’s Cyber Resiliency Assessment is designed to identify gaps, strengths, & weaknesses against best practice requirements based on the NIST Cyber Security Framework, helping you to understand the risk and maturity level of your environment.

In turn, you’ll be able to create a plan to protect your business and streamline your data security processes, with a customised cyber resilience strategy that is fitted to your vision and mission.

Download the brochure here, or get in touch with us to learn about this free evaluation of your data protection strategy.
