The Worst Hacks of 2023

The cybersecurity slog will no doubt continue in 2024, but to cap off the past 12 months, here's WIRED's look back at the year's worst breaches, leaks, ransomware attacks, digital extortion cases, and state-sponsored hacking campaigns.
One of the most impactful hacks of 2023 wasn't a single incident but a series of devastating breaches, beginning in May, caused by mass exploitation of a vulnerability in the popular file transfer software known as MOVEit.
The bug allowed hackers to steal data from a laundry list of international government entities and businesses, including the Louisiana Office of Motor Vehicles, Shell, British Airways, and the United States Department of Energy.
The gang is particularly known for finding and exploiting vulnerabilities in widely used software and equipment, with MOVEit being the latest example, to steal information from a large population of victims and conduct data extortion campaigns against them.
The company said at the time that about 1 percent of its 18,400 customers were impacted.
The company had to revise its assessment in November to acknowledge that actually all of its customer support users had had data stolen in the breach.
The original 1 percent estimate came from the company's investigation into activity in which attackers used stolen login credentials to take over an Okta support account that had some customer system access for helping users troubleshoot.
As with a number of other incidents this year, part of the significance of the Okta incident comes from the fact that the company plays a critical role in providing security services for other companies, yet it suffered a previous high-profile breach in 2021.
Volt Typhoon's hacking, and that of other Beijing-backed hackers, is fueled in part by the Chinese government's stockpile of zero-day vulnerabilities, which can be weaponized and exploited.
In June, Microsoft said that a China-backed hacking group had stolen an immensely sensitive cryptographic key from the company's systems that allowed the attackers to access cloud-based Outlook email systems for 25 organizations, including multiple US government agencies.
Caesars Entertainment confirmed in a US regulatory filing in September that it had also suffered a data breach at the hands of Alphv, one in which many of its loyalty program members' Social Security numbers and driver's license numbers were stolen, along with other personal data.
The Wall Street Journal reported in September that Caesars paid roughly half of the $30 million the attackers demanded in exchange for a promise that they wouldn't release stolen customer data.
In December 2022, LastPass, maker of the popular password manager, said that an August 2022 breach it had disclosed at the end of November 2022 was worse than the company originally thought, and encrypted copies of some users' password vaults had been compromised in addition to other personal information.
It was a deeply concerning revelation given that LastPass has suffered other security incidents in the past, and users trust the company with the most sensitive pieces of their digital lives.
On top of this, the company disclosed a second incident in February 2023 that also began in August 2022.
Attackers compromised the home computer of one of the company's senior engineers, who had special access to LastPass' most sensitive systems, and stole authentication credentials.
In that initial disclosure, the company didn't say how many users were affected.
In the meantime, hackers began hawking data that appeared to be taken from a million or more 23andMe users.
In a US Securities and Exchange Commission filing at the beginning of December, the company said that the attacker had accessed 0.1 percent of user accounts, or roughly 14,000, per a company estimate that it has about 14 million customers.
The wireless carrier T-Mobile has suffered a ludicrous number of data breaches in recent years and now has the dubious distinction of being a two-time winner of an honorable mention in WIRED's annual Worst Hacks roundups.


This Cyber News was published on www.wired.com. Publication date: Fri, 29 Dec 2023 13:13:05 +0000

