Monthly Breach Report: September 2023 Edition

September 13, 2023

In the fast-paced world of technology and data-driven living, the month of August 2023 has brought yet another set of revelations and challenges in the realm of data breaches and cybersecurity. It has become abundantly clear that the battle to safeguard sensitive information in our interconnected digital landscape is far from over. August 2023 brought a series of incidents that not only underscore the evolving tactics of cyber adversaries but also emphasize the imperative for individuals and organizations to remain ever-vigilant in the face of data breaches.

MOVEit hack

In July 2023, the tech community was shaken by the revelation of the MOVEit data breach. However, the aftermath of this breach continues to unfold, with its impact steadily growing. To date, it has affected an alarming 58.6 million individuals and 1,132 organizations worldwide.

While experts are still uncovering the full scope of this breach, preliminary findings indicate that a significant amount of sensitive data has been breached. This includes personal data, financial records, and proprietary business information, thereby placing countless individuals and enterprises in a vulnerable position both financially and with potential damage to trust and reputation.

You can see the full 1132+ victim organizations that were affected here –


Seiko, a Japanese watchmaker, disclosed a data breach occurred on August 10, 2023. The company said that it had discovered unauthorized access to one of its servers on July 28, 2023. The investigation by external cybersecurity experts found that some information stored on that server may have been compromised.

The types of information suspected to have been compromised include:

  • Employee information, such as names, addresses, and Social Security numbers
  • Customer information, such as names, addresses, and purchase history
  • Business partner information, such as names, addresses, and contact information
  • Financial information, such as credit card numbers and bank account numbers
  • Intellectual property, such as product designs and trade secrets

The ransomware group BlackCat has claimed responsibility for the attack on Seiko. BlackCat is a relatively new ransomware group that has only been active since early 2023. The group is known for its aggressive tactics and has demanded millions of dollars in ransom payments from its victims.

Discord, a third-party service that allows users to create custom invites to their Discord channels, suffered a data breach that exposed the personal data of over 760,000 users. The data leaked included usernames, email addresses, billing addresses (of a limited number of individuals), salted and hashed passwords (affecting a limited number of individuals), and their respective Discord IDs.

The breach was discovered on August 14, 2023, after a database containing the personal information of users was put up for sale on the dark web. The hacker, who uses the alias ‘Akhirah’, shared four user records from the database as proof of the data’s authenticity. confirmed that the data was legitimate and that it had taken steps to secure its systems and prevent further breaches. The company also said that it was working with law enforcement to investigate the incident.

PurFood Data Breach

A home meal delivery service, disclosed a data breach on August 29, 2023. The company said that it had discovered unauthorized access to its systems on January 16, 2023. The investigation by external cybersecurity experts found that some information stored on the server may have been compromised.

The types of information that may have been compromised include:

  • Names
  • Social Security numbers
  • Financial account information
  • Payment card information
  • Medical record numbers
  • Medicare and Medicaid identification
  • Health information
  • Treatment information
  • Diagnosis code
  • Meal category and cost
  • Health insurance information
  • Patient ID number

PurFoods said that it is working with law enforcement to investigate the incident and that it is taking steps to protect its systems from future attacks. The company has also offered credit monitoring and identity theft protection services to affected individuals.

Alberta Dental Service Corporation

The Alberta Dental Service Corporation (ADSC) data breach was a data security incident that occurred in August 2023. The breach affected approximately 1.47 million individuals who were enrolled in the Alberta government’s Dental Assistance for Seniors Plan, the Alberta government’s Low-Income Health Benefits Plans, and the Quikcard program.

The breach was discovered on July 9, 2023, when ADSC’s IT systems were found to be infected with ransomware. The ransomware encrypted some of ADSC’s data, making it inaccessible. ADSC paid a ransom to the hackers in order to get their data back.

The investigation into the breach found that the hackers had gained access to ADSC’s systems between May 7 and July 9, 2023. During this time, the hackers copied data from ADSC’s systems, including:

  • Names
  • Dates of birth
  • Personal health numbers
  • Dental benefits details
  • Government-issued identification numbers
  • Banking information for some Quikcard users

ADSC has notified the affected individuals and is offering them complimentary credit monitoring services.

There are some common trends that we are seeing. Hackers are more sophisticated, they move faster and they continuously target healthcare, financial, and technology companies. With PKWARE, these breaches would have less of an impact on the financial stability of these enterprise organizations. We believe in protecting what those with malicious intent are after in the first place…the data. When a breach occurs, your data is still safe and is unusable by those who have found it. Keep your data safe and your business out of the cybersecurity headlines with the help of PK Protect. Learn more.

Share on social media