Data Breaches in August 2023

A data breach is when sensitive, protected, or confidential information is accessed, stolen, or exposed by an unauthorized individual or group. These incidents can occur in various ways, such as hacking, theft, or human error. 

Data breaches can have serious consequences for individuals, businesses, and organizations. The compromised data may include personal information such as names, addresses, social security numbers, credit card details, or login credentials. Such information can be used for identity theft, financial fraud, or other malicious activities. Here is the monthly edition of famous data breaches in August 2023.

1. Duolingo Data Breach:

   Data pertaining to 2.6 million Duolingo users has been leaked on BreachForums. The data includes names, email addresses, phone numbers, social media information, as well as the languages that users were studying at the time of the breach.

2. IBM MOVEit Data Breach:

   4.1 million patients in Colorado have had sensitive healthcare data stolen during another data breach exploiting a vulnerability in MOVEit transfer software. The systems affected are managed by tech behemoth IBM.

3. Police Service of Northern Ireland Data Breach:

   Every police officer currently working in Northern Ireland has had their data compromised in what is being described as a “monumental” data breach. The data was leaked in error and mistakenly published while the service was responding to a Freedom of Information request. Surnames, initials, ranks, work locations, and departments of all of the police staff were leaked.

4. Tesla Data Breach:

   Tesla has acknowledged in an official filing with the Maine attorney general that the recent data breach, which affected over 75,000 individuals, resulted from an “inside job.” The breach came to light after German media outlet Handelsbatt disclosed that it had obtained a substantial 100GB of data from an insider within Tesla.

5. Forever 21 data breach:

   Fashion retailer Forever 21 has revealed that 500,000 customers were affected by a data breach that occurred earlier this year. Names, dates of birth, bank account information, and Social Security numbers were accessed by an unauthorized third party. Forever 21 says that the intruder no longer has access to the data, but it’s unclear precisely how they’ve been able to negotiate this.

6. US Hospital data breach:

   A major US hospital network, Prospect Medical Holdings, has been the victim of a ransomware-based cyber attack. The cyber attack caused outages across the company’s network beginning on August 3. This caused issues at Prospect Medical Holdings’ hospitals across the US, leading to some hospitals having to stop operations and divert patients to other facilities. The attack affected 16 hospitals in California, Connecticut, Pennsylvania and Rhode Island, in addition to 166 outpatient centers and clinics.The Federal Bureau of Investigation (FBI) launched an investigation into the cyber attack, which was confirmed to be ransomware-related.

In addition to the financial and legal consequences, data breaches can also damage the reputation of the affected organization, leading to a loss of trust among customers and stakeholders. As a result, many organizations invest significant resources in securing their data and preventing breaches from occurring. This includes implementing cybersecurity measures, training employees on data security best practices, and regularly testing and updating their security systems. If a breach occurs, our digital forensic experts investigate to find the root cause, stop the damage, and recommend steps to improve security. Another month, another round of data breaches in August 2023. Don’t let yourself become a victim – take control of your data security today – Click here to speak with a security expert.

Source: tech.co & IT Governance