Data breaches continue to pose a significant risk for companies across various industries in 2023. This article highlights eight high-profile data breaches that occurred this year.

Yum Brands (KFC, Taco Bell, & Pizza Hut): April 2023

The parent company of well-known fast food restaurants KFC, Taco Bell, and Pizza Hut, Yum Brands, disclosed a January 2023 cyberattack in April of the following year. At first they thought the hack only directly touched company data, but now they are being cautious and alerting clients who might have had their personal information compromised.

The attack forced the business to close nearly 300 stores in the UK back in January, and it has continued to cost the business money in the form of increased security precautions, consumer alerts, and brand reputation. demonstrating once more that data breaches pose a serious financial risk to large corporations in 2023.

ChatGPT: March 2023

Due to its ground-breaking AI capabilities, ChatGPT has been in the public eye for several months. However, some bad news surfaced in late March when they disclosed a data breach. The parent company of ChatGPT, OpenAI, said in a statement, “In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, credit card number (only the last four digits), and credit card expiration date. No full credit card numbers were ever disclosed, according to CMSWire.

By alerting affected users, validating their emails, and implementing new security measures, the corporation is handling the fallout. The distrust that many Americans have for ChatGPT and AI in general will only grow as a result of this data breach.

Chick-fil-A: March 2023

Popular fast food chain Chick-fil-A acknowledged that a data breach of their mobile app had exposed the personal data of customers. The business discovered strange login behaviour, looked into the anomaly, and discovered the cyberattack took place in the first few months of 2023. In order to access the system and obtain information such as membership numbers, names, emails, addresses, and more, the hacker used passwords and email addresses provided by a third party.

Despite the fact that less than 2% of consumer data was compromised, Chick-fil-A has already taken steps to protect itself against similar assaults in the future. In addition to announcing increased online security and surveillance, the restaurant said it would also compensate any accounts damaged by the hack. Here’s how to safeguard your account and get compensated for any unauthorised transactions if you believe your account was impacted.

Activision: February 2023

Activision, the publisher of Call of Duty video games, announced on February 19 that there had been a data breach in December. An HR employee was the target of an SMS phishing attempt by a hacker who wanted access to employee information such emails, cell phone numbers, wages, and workplaces.

Activision asserts that the attack was quickly contained and that not enough information was gathered to justify immediately notifying their staff of the data breach. However, a security research organisation that looked into the intrusion found that the hacker also got access to the 2023 release schedule for the gaming companies, along with the private employee information. According to California law, the business must notify the team if the data of 500 or more employees is compromised. We’ll have to wait and see if the failure to inform the staff of the problem leads to legal or perhaps financial problems.

Google Fi: February 2023

The most recent high-profile data breach is that of Google Fi, however it is a result of the T-Mobile data leak from earlier in 2023 (described below). Due to the fact that Google relied on T-Mobile’s network because it lacked its own network infrastructure, the phone numbers of its users were exposed in the big data breach that T-Mobile experienced.

Even though it’s just phone numbers, fraudsters can do a lot with that kind of customer information, including conducting phishing attempts to trick customers into clicking links that give them access to other data. In 2023, if you use Google Fi, be especially watchful of shady texts.

T-Mobile, January 2023

T-Mobile found out in early January 2023 that a hostile actor had accessed their networks in November of previous year and had taken over 37 million users’ names, emails, and birthdays. Within a day of discovering the data breach, they were able to locate the source and contain it.

In addition to the $350 million they agreed to pay consumers in a settlement relating to a data breach that occurred in August 2021, T-Mobile believes they may “incur significant expenses” as a result of this hack. T-Mobile’s lax security has cost them hundreds of millions of dollars, but it has also cost them their customers’ trust following many data breaches.

MailChimp: January 2023

MailChimp, an email marketing platform, informed consumers that a social engineering attack had resulted in unauthorised people gaining access to an internal customer care tool, resulting in a data breach.

The organisation then discovered and suspended those accounts after discovering that the hackers had access to employee data and login credentials. According to Bleeping Computer, MailChimp responded to the data breach by stating that “Our investigation into the matter is ongoing, and includes identifying measures to further protect our platform.”

Despite having data breaches in April and August of 2022, this is MailChimp’s first attack in 2023. As MailChimp now understands, it’s critical to be aware of what to do following a data breach in order to thwart hacking attempts before they compromise information repeatedly.

Norton Life Lock update for January 2023

In mid-January, Norton Life Lock notified its customers that a “stuffing” attack had recently compromised over 6,000 of their client accounts. Another reason why multi-factor authentication is crucial is because of stuffing attacks, which occur when accounts that use shared passwords are hacked using previously obtained passwords.

The alert was sent to accounts by Gen Digital, the parent company of Norton Life Lock, who suggested changing passwords and turning on two-factor authentication.

Other Breaches in Cybersecurity
Hackers could compromise a company’s cyber security systems in order to steal other crucial data in addition to client data.

It was revealed by Last Pass, a password management service used by over 30 million individuals, on August 25th, 2022, that a hacker had gained access to their network using a developer account that had been compromised.

Despite a security breach, the firm claimed that they don’t think any encrypted client data was read and that instead the user “took portions of source code and some proprietary LastPass technical information.” This indicates that no customer information was compromised and that Last Pass’s security and encryption protocols for its users’ passwords were effective.

Despite the fact that this cyber security breach has forced Last Pass to work towards strengthening their defences against future attacks and recruit outside investigators.

https://webtimes.com.ng/2023/04/19/leading-8-high-profile-company-data-breach-incidents-in-2023/?fbclid=IwAR2BEiJddQ7YzhPF0YSF-GDg5eLMSNLoW9XX8r97megJ7apWhcowKpGX4uc