As we approach the end of 2023, it’s evident that this year has set new records in ransomware attacks. The first half of the year alone witnessed a staggering 49% increase in publicly disclosed attacks compared to the same period in 2022.
However, the most alarming revelation comes in the form of undisclosed attacks, reaching a shocking 1,815 cases in the first six months of the year. This article delves into the significant ransomware incidents of 2023, shedding light on the scale of the threat and the profound consequences faced by victims.
Royal Mail Falls Prey to LockBit
In January, the UK’s Royal Mail experienced a crippling ransomware attack orchestrated by LockBit. The group targeted the postal service’s software, leading to the encryption of files that resulted in a complete halt of international shipments. Despite negotiations, Royal Mail opted not to pay the $80 million ransom, leading to the leak of sensitive data.
US Marshals Service Grapples with Sensitive Data Breach
February witnessed an attack on the US Marshals Service, impacting a system containing sensitive law enforcement data. While critical tools were restored within 30 days, the fallout included the compromise of personally identifiable information and legal process returns.
Medusa’s Disturbing Attack on Minneapolis Public Schools
Medusa gained notoriety by attacking Minneapolis Public Schools in March, exfiltrating a trove of data and demanding a $1 million ransom. The leaked information included complete sexual assault case files, medical records, discrimination complaints, and more, causing significant public concern.
ALPHV Targets Lehigh Valley Health Network
In March, healthcare provider Lehigh Valley Health Network faced a ransomware attack by ALPHV. The attackers leaked sensitive patient data, including naked images of breast cancer patients, medical questionnaires, passports, and more, leading to legal repercussions for the healthcare provider.
Capita’s Costly Ransomware Incident
British outsourcing company Capita fell victim to a ransomware attack in March, incurring recovery costs of up to $25 million. BlackBasta claimed responsibility, causing a 12% drop in Capita’s share price and potential theft of customer, supplier, and employee data.
MCNA Dental Exposes Data Breach
LockBit targeted Managed Care of North America (MCNA) Dental, exposing a data breach affecting nearly 9 million patients. The threat actors demanded a $10 million ransom, leading to the publication of sensitive patient information on the dark web.
Dallas City Struggles with Royal Ransomware
In May, the City of Dallas faced disruption across various departments due to a ransomware attack by the Royal ransomware group. Over 26,000 people were affected, with reports of identity theft and $8.6 million approved by the Dallas City Council for related services and credit monitoring.
Clop’s Exploitation of MOVEit’s Zero-Day Vulnerability
The exploitation of MOVEit’s zero-day vulnerability by Clop in May became a major cybersecurity incident, affecting around 600 organizations and impacting nearly 40 million individuals. The full fallout and impact of this attack are yet to be fully realized.
St. Margaret’s Health Closes After 2021 Ransomware Attack
In June 2023, St. Margaret’s Health in Illinois announced closure after a 2021 ransomware attack. The incident severely impacted operations, leading to financial difficulties exacerbated by the COVID-19 pandemic.
Australian Banks Hit in HWL Ebsworth Ransomware Attack
In June, major Australian banks were affected by a ransomware attack on law firm HWL Ebsworth. BlackCat’s attack led to the exfiltration of 4TB of data, including financial information, customer documentation, and credentials.
The ransomware landscape of 2023 has proven to be relentless, with organizations across various sectors falling victim to sophisticated attacks. The undisclosed attacks highlight the severity of the threat, urging businesses and governments to enhance cybersecurity measures.