Last year, a list of 2022’s most poorly handled data breaches was compiled, highlighting the inadequate responses of corporate giants when faced with hacks and breaches. Unfortunately, this year has seen many organizations continue to make the same mistakes. Here’s a look at some of the most prominent cybersecurity failures of 2023.
Key Takeaway
2023 witnessed a series of data breaches where organizations not only failed to prevent cyberattacks but also mishandled the aftermath, leaving millions of individuals at risk of identity theft and other cybercrimes.
Electoral Commission’s Year-Long Silence
The Electoral Commission, responsible for overseeing elections in the United Kingdom, confirmed a cyberattack in August that exposed the personal details of up to 40 million U.K. voters. Shockingly, it took the Commission a year to detect the breach, and details about the hackers and the breach remain undisclosed.
Samsung’s Tight-Lipped Approach
Samsung faced questions about a year-long breach of its systems that compromised the personal data of its U.K.-based customers. The company admitted that it only discovered the breach three years later and refused to provide further details when questioned.
Shadow’s Shrouded Breach
French cloud gaming provider Shadow experienced a breach, but the full impact of the incident remains unknown. The company refused to provide any comment or make the breach public outside of the emails sent to affected customers.
Lyca Mobile’s Unrevealed Data Breach
Lyca Mobile admitted a data breach that caused widespread disruption for millions of its customers, but the company has still not disclosed what data was stolen from its systems or how many customers were impacted.
MGM Resorts’ Ongoing Silence
Months after the breach, MGM Resorts has not disclosed how many customers were affected by the hack. The company has repeatedly declined to answer questions about the incident.
Dish’s Potentially Extensive Breach
Dish confirmed a ransomware attack resulting in an ongoing outage and warned about the exfiltration of customer data. However, the company has not provided a substantive update, leaving customers uncertain about the risk to their personal information.
CommScope’s Employee Data Breach
CommScope, targeted by the Vice Society ransomware gang, failed to inform its employees about the breach that exposed their personal information. The company declined to address the leaked employee data and remained tight-lipped about the incident.