- As our working lives become more aligned with the digital world, cyberattacks are increasingly on the rise – and 2023 was no exception.
- In this article, we’ll look back at some of the biggest cyberattacks during 2023 and see how they happened and what type of action the affected parties took to remedy the situation.
- Any organisation – big or small – can fall victim to cybercrime, from multinational public companies to tiny start-ups, so it’s always a smart idea to ensure your defences are up to scratch.
It might seem redundant to say, but cybersecurity was a major challenge in 2023 for businesses of all sizes.
Why redundant? Because cybersecurity is always a challenge -and failing to properly prepare can lead to disaster. But even the most well-protected companies can still fall prey to cyberattacks, especially when tactics like social engineering are in play.
From ransomware to phishing, from data breaches to denial-of-service, the cyberattacks of 2023 highlighted the weaknesses and dangers of the digital age.
So, let’s look at these in more detail and see exactly what we can learn.
The WH Smith’s company data breach
WH Smith, everybody’s favourite stationer, (what do you mean you don’t have one?), faced one of the year’s earliest breaches on 14 January 2023, when it announced it has suffered a data breach which exposed some of its internal staff data.
Information in the breach included the names, addresses, and dates of birth of WH Smith employees – though the retailer was quick to point out that customer data was unaffected.
Following the breach, the leadership at WH Smith’s stated that they “are notifying all affected colleagues and have put measures in place to support them.”
It’s still not clear exactly how the breach occurred, but it’s a stark reminder that it’s not just customer and financial data which can be at risk from cybercriminals.
The Capita cyberattack
Capita, the outsourcing giant, suffered a cyberattack in March 2023 that compromised the data of 470,000 members of the UK’s biggest pension scheme, the Universities Superannuation Scheme – among many others.
The attack also impacted several local authorities and government organisations that were clients of Capita. Reports suggest that the breach will cost the firm £25 million – a high price to pay for cybersecurity weaknesses.
In terms of remediation following the Capita cyberattack, the company posted an update in May 2023 explaining the action taken. This included:
- Extensive steps to recover and secure customer, supplier, and colleague data within the impacted server estate.
- Collaboration with regulatory authorities, customers, suppliers, and colleagues for notification and necessary steps.
- A predicted total cost of £15m to £20m for recovery, remediation, and cyber security reinforcement, the company has prioritized allocating resources to address the aftermath of the cyber incident.
- To prevent further breaches, Capita has put in place measures to ensure the integrity, safety, and security of its IT infrastructure.
The Evide ransomware attack
In April 2023, in one of the most shocking cyberattacks of the year, hackers targeted Evide, an Irish IT company which manages data for multiple charitable organisations.
Some of these charities, including Belfast-based Orchardville and Dublin-based One In Four, deals with vulnerable people and victims of crime. Despite the sensitivity of the data, Evide was still targeted for user data, including phone numbers and email addresses, and the attackers deployed ransomware in the hopes that Evide would pay the ransom to secure the data.
It’s unclear whether or not this ransom was paid, but the Garda National Cyber Crime Bureau in Ireland was involved in the investigation.
The MOVEit data breach
Perhaps the largest cyberattack of 2023 began in June after a vulnerability was discovered in a file transfer software known as MOVEit developed by Progress Software.
The attackers in this case used a technique known as SQL injection to take advantage of a zero-day exploit in this software to steal data from MOVEit databases. According to the US Cybersecurity & Infrastructure Security Agency (CISA), this attack used a form of Ransomware-as-a-Service, or RaaS, designed by a cyber gang called “CL0P”.
The reason this breach was so large in scale was primarily due to the organisations impacted by the attack. Here’s a shortlist:
- The Government of Nova Scotia, Canada, reported that up to 100,000 of its past and present employees were affected.
- In the UK, large organisations including the BBC, Aer Lingus, Boots, Transport for London, Ofcom, and British Airwards were all impacted by the breach.
- The United States Department of Energy was one of several US governmental bodies impacted by the MOVEit breach.
As of October 2023, over 2500 organisations had been affected in some way by the MOVEit breach, mainly in the US, making it the largest of the year in terms of pure numbers.
ChatGPT’s first data breach
If there was a single buzzword which summed up all of 2023, it has to be “AI”. And the poster boy for all of that AI buzz was ChatGPT -the world’s first consumer-focused generative AI tool. But even the world’s biggest technologies aren’t infallible.
On March 20th 2023, ChatGPT suffered approximately 9 hours of downtime. During this time, a breach took place which exposed the data of about 1.2% of OpenAI’s ChatGPT Plus subscribers. According to OpenAI, the breach was due to a bug “in an open-source library which allowed some users to see titles from another active user’s chat history.”
While the AI conversational data may have been visible by the hackers, more worryingly payment-related data for Premium subscribers was also exposed – though OpenAI claim only a very small number taking specific actions during the downtime would have been impacted. Since the attack, they’ve contacted everyone affected and, of course, fixed the bug. In terms of remediation, this is actually the smart thing to do: take the system offline, advise any affected parties, and squash the bug.
There have been no breaches to OpenAI’s systems since, so we can safely assume they learned something from this.
Have a question about how to keep your business safe from cyberattacks and breaches? Reach out to your account manager or drop us a line today on 01865 594 000.