Record Surge in Data Breaches Fueled by Ransomware and Vendor Exploits

According to a recent report from Apple and a Massachusetts Institute of Technology researcher, the United States has witnessed a record-breaking surge in data breaches, fueled by increased attacks on third-party vendors and a rise in aggressive ransomware incidents.
The study, authored by MIT professor Stuart Madnick and released on Thursday, reveals a distressing trend, with data breaches more than tripling from 2013 to 2022 and compromising a staggering 2.6 billion personal records in the past two years alone.
The situation has further escalated in 2023, with the first eight months seeing over 360 million individuals affected by corporate and institutional data breaches.
Alarmingly, one in four Americans had their health data exposed in these breaches during this period.
The report also highlights an increase in ransomware attacks, surpassing the total for the entire year of 2022.
In the first three quarters of 2023, ransomware attacks rose by nearly 70% compared to the same period in the previous year.
A survey conducted in 2023 among 233 IT and cybersecurity professionals in the healthcare sector across 14 countries revealed that 60% of organizations in the sector faced ransomware attacks, almost double the reported rate in 2021.
The largest health data breach this year involved an email hacking incident reported by HCA Healthcare, affecting 11 million individuals.
Data breaches have not been limited to the healthcare sector, as millions of individuals across various economic sectors have been impacted.
Third-party vendor incidents have been particularly prominent, with exploits targeting vulnerabilities in Progress Software's MOVEit and Fortra's GoAnywhere file transfer applications.
The report emphasizes the widespread consequences of vendor exploitation attacks, where initial breaches provide hackers access not only to the vendor's system and data but also to the systems and data of the vendor's clients.
The study notes that approximately 98% of organizations reported having a relationship with a vendor that experienced a data breach within the last two years.
In light of these findings, the report underscores the urgent need for organizations to prioritize the security of personal data, given the prevalence of data breaches and their tangible consequences for individuals.


This Cyber News was published on www.cysecurity.news. Publication date: Sat, 09 Dec 2023 16:43:04 +0000


Cyber News related to Record Surge in Data Breaches Fueled by Ransomware and Vendor Exploits

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
Record Surge in Data Breaches Fueled by Ransomware and Vendor Exploits - According to a recent report from Apple and a Massachusetts Institute of Technology researcher, the United States has witnessed a record-breaking surge in data breaches, fueled by increased attacks on third-party vendors and a rise in aggressive ...
10 months ago Cysecurity.news
Critical insights into Australia's supply chain risk landscape - Australian organizations find themselves navigating a minefield of supply chain risks, with a surge in incidents stemming from multi-party breaches. These breaches are often caused by vulnerabilities in cloud or software providers and are emerging as ...
7 months ago Tripwire.com
Third-Party Security Assessments: Vendor Risk Management - As businesses rely more heavily on external vendors to provide critical services and support, the importance of effective vendor risk management strategies becomes paramount. This article explores the significance of third-party security assessments, ...
9 months ago Securityzap.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
11 months ago Therecord.media
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com
Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches - An Apple-commissioned report this week has highlighted once again why analysts have long recommended the use of end-to-end encryption to protect sensitive data against theft and misuse. The report is based on an independent study of publicly reported ...
10 months ago Darkreading.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
5 months ago Infosecurity-magazine.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
10 months ago Helpnetsecurity.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
8 months ago Malwarebytes.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
7 months ago Feeds.fortinet.com
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
5 months ago Bleepingcomputer.com
The Week in Ransomware - Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. While many, like LockBit, claim to have policies in place to avoid encryping hospitals, we continue to ...
9 months ago Bleepingcomputer.com
6 Ransomware Trends & Evolutions For 2023 - More than any other industry, cybersecurity is constantly changing. The number of major paradigm shifts that have transformed the world of cybersecurity in the past few years has been unprecedented, especially when it comes to combating ransomware. ...
1 year ago Trendmicro.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
8 months ago Securityboulevard.com
Third-party breaches hit 90% of top global energy companies - A new report from SecurityScorecard reveals a startling trend among the world's top energy companies, with 90% suffering from data breaches through third parties over the last year. This sheds light on the need for these energy companies to adopt a ...
9 months ago Securityintelligence.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
1 month ago Securelist.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
7 months ago Bleepingcomputer.com
Ransomware review: January 2024 - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In February, there were 376 ransomware victims, marking an unusually active month for the historically subdued time period. February didn't ...
7 months ago Malwarebytes.com
The Evolving Landscape of Ransomware Attacks - 1.7 million ransomware attacks are happening every day. Many people think the virus has locked their computer, but it is actually the ransomware that has locked all their files. As the name ransomware suggests they are after ransom. Stealing or ...
10 months ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)