As we step into the latter half of 2023, the landscape of data breaches continues to evolve, raising concerns for individuals, businesses, and organizations worldwide. Data breaches have become an almost everyday occurrence, impacting millions of people each year. September 2023 has been no exception.
Cybercriminals are constantly finding new ways to exploit vulnerabilities, making it crucial for everyone to stay vigilant and proactive in safeguarding sensitive information. In this month’ data breach report, we have highlighted a few notable data breaches that took place in September 2023.
On September 6, 2023, Sabre Corporation (“Sabre”) confirmed that the company was targeted in a cyberattack.
Sabre is a travel reservation system and major provider of air passenger and booking data, whose software and data is used to power airline and hotel bookings, check-ins and apps. Many U.S. airlines and hotel chains rely on the company’s technology.
The Dunghill Leak group claimed responsibility for the cyberattack by listing on its dark web leak site, alleging it took about 1.3 terabytes of data, including sensitive data from ticket sales and passenger turnover, employees’ personal data, and corporate financial information.
The ransomware group BianLian claimed to have stolen 6.8TB of data from Save The Children, a humanitarian organization on September 11, 2023. The data is said to include international HR files, personal data, and more than 800GB of financial records. BianLian also claims to have access to email messages and PII (medical and health) data.
Save The Children confirmed that it had experienced an IT incident involving unauthorized access to part of its network but did not specify the type of attack or the data that may have been stolen. The organization said that there was no operational disruption and that it is working with external specialists to investigate the incident and take all necessary steps to protect its data and systems.
The Scattered Spider hacking group claims it has accessed 6TB of data from the multi-billion-dollar casino operators at MGM Resorts International (MGM.N) and Caesars Entertainment (CZR.O).
MGM Resorts, a major casino and hospitality company, was hit by a cyber-attack on September 10, 2023. The attack caused an abrupt halt in operations for some of the company’s properties. MGM Resorts did not confirm the nature of the attack, but cybersecurity experts believe that it was a ransomware attack.
Sony was impacted by two recent unrelated hacker attacks carried out by known ransomware groups.
- The company sent a notification to about 6,800 individuals, confirming a breach occurred after an unauthorized party exploited a zero-day vulnerability in the MOVEit Transfer platform that exposed the personal information of current and former employees and their family members.
- On September 25, 2023, a hacker group claimed to have stolen 260GB of proprietary data from Sony. The group, RansomedVC, posted 6,000 files as a sample of the stolen data, including a PowerPoint presentation and source code files.
*Sony has confirmed that it is investigating the alleged hack, but the company has not yet provided any further details. It is not clear what type of data was stolen or how many people may have been affected.
Sony has been the victim of several high-profile data breaches in recent years, including a 2011 hack that exposed the personal information of over 70 million PlayStation Network users.
Johnson Controls International (JCI)
JCI, a global leader in building and climate control technologies, was hit by a ransomware attack on August 11, 2023. The company confirmed the attack in a statement, saying that it has “detected and isolated a ransomware attack on parts of our network.”
Senior Department of Homeland Security officials are working to determine whether a ransomware attack on government contractor Johnson Controls International has compromised sensitive physical security information such as DHS floor plans, according to internal DHS correspondence reviewed by CNN.