The cybersecurity landscape in 2023 witnessed an ongoing battle against increasingly sophisticated threat actors and adversary tactics. From nation-state espionage to exploits of software supply chain vulnerabilities, the year saw a variety of significant cyber incidents with far-reaching consequences.
Infosecurity Magazine presents a compilation of the top 10 cyber-attacks of 2023, ranking them based on factors such as the scale of the incident and its enduring implications. The list is arranged chronologically according to the reported dates of each attack.
1. LockBit Attack Inflicts Substantial Financial Loss on Royal Mail In January 2023, the Royal Mail, the UK’s postal service, faced a ransomware attack that temporarily halted international deliveries. Despite refusing to pay the £65.7 million ($79.85 million) demand from the LockBit group, the Royal Mail suffered considerable financial costs, including significant revenue losses and £10 million spent on ransomware remediation.
2. T-Mobile Grapples with Extensive Data Breach T-Mobile disclosed that 37 million customers had their personal and account information accessed in a November 2022 API attack, discovered only in January 2023. Another breach in February and March 2023 increased the vulnerability of millions of customers to potential follow-on fraud attempts.
3. Ransomware Attack Forces City of Oakland into State of Emergency In February 2023, the City of Oakland, California, declared a state of emergency due to a ransomware attack that disrupted non-emergency services and temporarily closed government buildings. The hackers reportedly stole a decade’s worth of sensitive data from city servers.
4. MOVEit File Transfer Exploitation Impacts Thousands The exploitation of a zero-day vulnerability in MOVEit, a popular file transfer software, affected numerous organizations from media to healthcare. Despite a patch being deployed by May 31, the fallout from the May 2023 attack contributed to a record number of ransomware attacks in July 2023.
5. Chinese Espionage Campaign Infiltrates US Government In May 2023, the Storm-0558 group, backed by a Chinese cyber-espionage campaign, gained access to customer email accounts in the US State and Commerce Departments and other US government agencies. The attackers compromised a Microsoft engineer’s corporate account to launch the campaign, leading to criticism and accusations of negligence against Microsoft.
6. UK Electoral Commission Faces Data Exposure August 2023 saw the UK Electoral Commission disclosing a “complex cyber-attack” that exposed the personal data of 40 million voters registered between 2014 and 2022. The attackers remained undetected for 15 months, suggesting motives beyond quick financial gain.
7. Cyber-Attacks Disrupt Casinos In September 2023, MGM Resorts International faced a cyber-incident affecting critical business components, costing over $100 million after refusing a ransom demand. Shortly after, Caesars Entertainment, another Las Vegas-based casino and hotel chain, revealed a ransomware compromise.
8. Ransomware Forces UK Logistics Firm into Closure UK logistics giant KNP Logistics Group entered administration in September 2023 due to a ransomware attack earlier in the year. Over 700 employees faced redundancy as the firm struggled to secure urgent investment post-attack.
9. 23andMe Confirms Major Data Breach In October 2023, DNA testing firm 23andMe reported a data breach affecting over 6 million individuals. Threat actors accessed profile information through a credential stuffing campaign, raising concerns about the potential misuse of sensitive data.
10. Ransomware Strikes British Library The British Library, one of the world’s largest libraries, experienced a damaging ransomware attack in October 2023. The attack, attributed to the Rhysida ransomware group, resulted in the theft and leakage of internal HR data and the offering of user data on the dark web.
