T-Mobile tops list of data victims
The company with the most victims impacted by a data compromise in 2023 was T-Mobile, with 37 million people, followed by Xfinity, with 35.9 million, the report said.
PeopleConnect, Inc. ranked third with 20.2 million victims, and Nationstar Mortgage LLC, doing business as Mr. Cooper, was fourth, with 14.7 million people impacted.
Two companies using MOVEit, PBI Research Services and Maximus, Inc., ranked fifth and eighth respectively, with a combined 22.8 million victims impacted, the report said..
The Perry Johnson & Associates breach impacted 9 million people and ranked ninth.
The health care industry had the most compromises in 2023, followed by financial services, professional services, manufacturing and education, the report said.
Lee said the number of breach notices that did not have actionable information “to help businesses and individuals prepare for similar attacks also grew in 2023, when less than half of cyberattack-related notices included information about what caused the breach.”
While there typically is never just one reason that data breaches increase, Lee said there were several trends in 2023 that help explain the jump in cases.
“Many professional cybercriminals supported by nation/states resumed stealing business and personal information after being more focused on the conflict between Russia and Ukraine,” said Lee. “Professional cybercriminals and nation/state actors focused more on finding and exploiting zero day software flaws.”
In 2023 there were 110 publicly reported zero day attacks, which occur when cybercriminals exploit software flaws that are known but not yet patched. In 2022 there were eight, the report said.
Data compromises like the hack of MOVEit are known as supply chain attacks.
“Cybercriminals are focusing more on supply chains where attacks against a single, less well-defended vendor can give an attacker access to the data of many companies,” Lee said. “(And) generative artificial intelligence is making phishing attacks and social engineering schemes more effective and more successful.”