4.3m records compromised by cyber breaches in April 2023

The global provider of cyber risk and privacy management solutions also identified 120 publicly disclosed security incidents. Although these April statistics show an encouraging decline in attacks in comparison to last year, with an 89% decrease against April 2022 – organisations must continue to bolster their security efforts to prevent falling victim to cyberattacks. Cybercriminals are constantly evolving their tactics, and even with a decrease in attacks, there is no room for complacency.

Three of the biggest data breaches that occurred in April 2023 impacted; Shields Health Care Group, NCB Management and Kodi.

Shields Health Care Group, a medical services provider based in Massachusetts, suffered the largest data breach in April 2023. 2.3 million individuals had their personal data stolen by cybercriminals who gained unauthorised access to the organisation’s systems. Shields identified suspicious activity on its internal network in March 2022, and an investigation conducted last month revealed the full extent of the damage. The sensitive information stolen included patients’ Social Security numbers, dates of birth, home addresses, healthcare provider information, healthcare history, billing information, insurance numbers, and other financial details. Shields said in a statement that they take the “confidentiality, privacy, and security of information seriously” and have taken steps to secure their systems and enhance data security.

Nearly one million financial records were stolen in a recent cyberattack on NCB Management, a provider of debt collection services. A criminal hacker infiltrated the system on February 1, 2023, according to the internal investigation, although it is unknown how long they went undiscovered. The attacker was able to get credit card information from past-due Bank of America accounts. The compromised information included people's first and last names, address, phone number, email address, date of birth, work status, pay amount, licence number, Social Security number, account number, credit card number, routing number, account balance, and/or account status. Bank of America reported the issue to the appropriate authorities, although it is unclear what involvement the bank had in the breach beyond the fact that its clients were impacted. This breach creates the possibility for various scams, given that these individuals had been pursued by a debt collection agency.

Kodi's MyBB forum database was breached last month by an unauthorised actor who stole personal data of 400,635 users. The attackers gained access to the database through a trusted but inactive member of the admin team's account. They downloaded nightly backups of the entire database, including usernames, email addresses and encrypted passwords, as well as all public forum posts, team forum posts, and direct messages. Fortunately, Kodi reported that the attackers didn't access the underlying server hosting the MyBB software.

Here is a condensed list of the four categories which IT Governance outlines as part of its monthly data breaches analysis, and includes the following organisations:

·Cyberattacks – Shields Health Care Group, NCB Management, Kodi, Santa Clara Family Health Plan, 90 Degree Benefits, Queensway Carleton Hospital, Western Digital, HawaiiUSA Federal Credit Union and Brightline Inc.

• Ransomware – UnitedLex, PharMercia and BrightSpring Health Services, Capita, Yellow Pages Canada and Yum! Brands.

·Data breaches – Service NSW, TAFE South Australia, Tesla, Monument and Tempest, Mastodon and John Muir Health.

Alan Calder, Founder and Chairman of IT Governance, says: “It is imperative for organisations to take a proactive approach towards cybersecurity as it is an ongoing process and not a one-time effort. The recent data breaches, including the one suffered by Shields Health Care Group, have highlighted the importance of constant review and enhancement of security measures to protect sensitive customer information.

"Organisations also need to ensure integrity and accountability when breaches occur. Capita’s recent breach was only disclosed in April, when it happened the month prior. People are more incensed about the lack of transparency surrounding Capita's recent breach than by the cyberattack itself. A trustworthy and security-conscious organisation would have handled the intrusion well, but Capita's response has cast doubt over the situation.

"Organisations must adopt a layered approach to cybersecurity, which includes employee training, network security, and regular security assessments to stay one step ahead of cybercriminals. Despite the recent April statistics showing a decline in cyberattacks compared to last year, the threat remains real, and companies should not be complacent. They need to proactively invest in cybersecurity to prevent falling victim to attacks."