14.3 million records compromised by cyber security incidents in June 2023

683 Views

IT Governance, the global provider of cyber risk and privacy management solutions, discovered that more than 14.3 million records were compromised in 79 publicly disclosed security incidents in June 2023.

These statistics indicate a 59% decrease from June 2022. However, June 2023 was noteworthy for the MOVEit breach.

More than 13 million records were compromised as a result of 3 major security incidents, which is almost the entire monthly total.

The Oregon and Louisiana departments of motor vehicles, Genworth Financial and Wilton Reassurance all suffered significant data breaches following the discovery of the MOVEit software vulnerability.

Louisiana’s Office of Motor Vehicles (OMV) stated that about 6 million records, including driver’s licence information, were stolen in the breach.

It’s uncertain how extensive the damage is, but OMV believes that all Louisiana residents with a state-issued driver’s licence, ID or car registration may have had their personal data exposed.

Similarly, the Oregon Department of Motor Vehicles (DMV) disclosed that approximately 3.5 million driver’s licence and identity card details were compromised. In a disclosure notice, the organisation said:

“We do not have the ability to identify if any specific individual’s data has been breached. Individuals who have an active Oregon ID or driver’s license should assume information related to that ID is part of this breach.

“We recommend individuals take precautionary measures to protect themselves from misuse of this information, such as accessing and monitoring personal credit reports.”

Both incidents involve the potential exposure of personal information provided during the driver’s licence application process.

Meanwhile, Genworth Financial, a US-based provider of life insurance services, reported that at least 2.5 million records were compromised in the MOVEit breach.

On 16 June, the organisation confirmed the theft of customers’ personal data, including names, dates of birth, Social Security numbers, physical addresses and policy numbers.

As with other MOVEit incidents, Genworth Financial clarified that its internal systems remained uncompromised and the breach originated from the information shared with the file-sharing service.

The incident was initially reported to Genworth Financial by PBI Research Services, a population management company specialising in death audit and locate services. Three of its clients were affected, with Genworth Financial being the largest.

The second organisation compromised was California Public Employees’ Retirement System (CalPERS), with 769,000 of its members affected.

The third organisation linked to the PBI Research Services breach was Wilton Reassurance. The New York-based insurance provider was notified in June that 1,482,490 of its members were impacted.

In a statement provided to Bleeping Computer, PBI Research Services said:

“PBI Research Services uses Progress Software’s MOVEit file transfer application with a number of clients. At the end of May, Progress Software identified a zero-day vulnerability in the MOVEit software that was actively being exploited by cyber criminals.

“PBI promptly patched its instance of MOVEit, assembled a team of cybersecurity and privacy specialists, notified federal law enforcement and contacted potentially impacted clients.

“The cyber criminals did not gain access to PBI’s other systems – access was only gained to the MOVEit administrative portal subject to the vulnerability.”

The organisation added that it’s working directly with its clients to identify affected consumers and develop notice plans.

Here is a condensed list of the four categories that IT Governance outlines as part of its monthly data breaches analysis:

  • Cyber attacks: The Oregon and Louisiana departments of motor vehicles, Genworth Financial, Wilton Reassurance, Intellihartx, CGM, Inc., Commonwealth Health Physician Network-Cardiology, ChatGPT, Kannact, Maimonides Medical Center, HomecareGPS, Marshall & Melhorn, Medford Radiology Group.

  • Ransomware: British Airways, Boots, BBC, University of Manchester, Nova Scotia Health, Vincera Institute, Vermont health insurance, Des Moines Public Schools, Chattanooga State Community College, City of Augusta, Middlesex Co. Public Schools.

  • Data breaches: Softmedia Technology Company, Ireland’s Public Appointments Service, UL Hospitals Group.

  • Malicious insiders and miscellaneous incidents: Highmark, Houston ISD.

The full list of incidents with further details is available here.

Alan Calder, Founder and Executive Chairman of IT Governance, commented:

“The incidents resulting from the MOVEit breach highlight the importance of strong vendor risk management and comprehensive security protocols to protect sensitive data.

“It’s crucial for organisations to carefully evaluate the security practices of their third-party service providers, implement strict access controls, use encryption methods and regularly conduct vulnerability assessments.

“The MOVEit breach underscores the evolving nature of cyber security threats, emphasising the need for organisations to prioritise ongoing monitoring, sharing of threat intelligence and proactive vulnerability management to effectively mitigate risks.”

IT Governance is committed to helping organisations address the threat of cyber crime and other information security flaws. We provide a range of resources, including training courses, consultancy services and free guides, to help organisations understand and reduce dangers.