Data stolen has some wired statistics in first quarter of 2023. In the third quarter of 2023, the most frequent outcome of successful cyberattacks on organizations is the disclosure of sensitive data.
Malicious actors were almost always intent on stealing trade secrets and personal information. Here are a few instances of well-publicized disclosures from the third quarter:
1. The full names, genders, passport numbers, issue and expiration dates, and dates of birth of 34 million people were made public due to a data breach that affected Indonesia’s Immigration Directorate General. The hacktivist known as Bjorka is credited with carrying out the attack.
2. HCA Healthcare had a data breach that affected 11 million patients. The data was stolen from an external storage site that was solely used to automate the layout of email messages, according to he US corporation. At least five class-action lawsuits have been filed against HCA.
3. A ransomware assault on Canada’s Alberta Dental Service Corporation exposed the personal and medical details of roughly 1.5 million of its customers, as well as the banking information of 7,000 seniors programme participants.
Organizations should be more cautious when picking software providers and try to improve their vulnerability management practices to defend themselves from assaults. We advise software developers to participate in bug bounty programmes and to adhere to the coordinated vulnerability disclosure approach.
Some broad observations based on data available as of my last update in January 2022. For the most up-to-date and accurate data theft figures in 2022, contact trusted sources such as cybersecurity publications, government organisations, or reputable news sites.
How Data Breaches Happen
Data theft remained a major concern in 2022, with several causes contributing to its occurrence:
- Cyber criminal Activity: Criminals utilize a variety of strategies, including phishing, malware, and ransomware assaults, to gain unauthorized access to sensitive data in order to profit financially.
- Insider Threats: When workers or contractors abuse their access privileges, data theft can occur from within an organization, either maliciously or accidentally.
- Vulnerabilities in Systems and Software: Attackers can exploit security flaws in software and systems to get access to sensitive data.
- Supply Chain Attacks: Cyber criminals may target the supply chain, undermining the security of third-party vendors and causing data breaches for the organizations they service.
- Nation-State Cyber Espionage: Governments and state-sponsored groups may engage in cyber espionage to target sensitive data for political, economic, or military goals.
- Lack of Cybersecurity Awareness and Training:Inadequate Cybersecurity Human mistake continues to be a big component in data breaches. Employees may become victims of social engineering attacks due to a lack of awareness and inadequate training.
I propose consulting studies from cybersecurity organisations, industry analysts, and governmental cybersecurity authorities to gain detailed figures and specifics on data theft in 2022. These studies frequently provide insights into the sorts of attacks, industries affected, and cyber threat trends.
Unix – Command grep, sed and awk – Best Practice