Data Breaches and Cyber Attacks in October 2023 – 867,072,315 Records Breached

IT Governance’s research has discovered the following for October 2023:

  • 114 publicly disclosed security incidents.
  • 867,072,315 records known to be breached.

Introducing our Data Breach Dashboard

We’re excited to introduce our new monthly Data Breach Dashboard – a one-page overview of this month’s key findings that you can download for free.

Our first downloadable Dashboard is going live next week. We’ll add the link to this page, so please bookmark it and return to check out the Dashboard.

You’ll also be able to download each month’s data (and our sources) from the same page as the corresponding Dashboard.

Our monthly blogs will provide analysis of the data we’ve collected and we’ll continue to discuss the biggest breaches on our 2023 overview of publicly disclosed data breaches and cyber attacks.

High-level overview

Of October’s 114 incidents, we know the following:

Remediation

  • 61% of breached organisations reported taking remedial action. This typically included conducting a forensic analysis to establish exactly what happened (often by engaging a third-party specialist). It usually also involved temporarily taking down systems to limit the impact of the security breach.

Data exfiltration

  • 53% of breached organisations are known to have had data exfiltrated.
  • An additional 30% may have had data exfiltrated.
  • 18% have either concluded that no records were breached, or the breach didn’t involve a criminal.

Note: These numbers add up to 101% due to rounding.

Records breached

  • For 53% of disclosed incidents, a specific number of records breached was reported.

Note: This includes security incidents where we know no records were breached.

  • For a further 18% of disclosed incidents, we know that data has been exfiltrated, but we have no information on specific numbers.

Notification

  • 49% of breached organisations notified a regulator.
  • 53% notified affected individuals.

Top 10 biggest breaches

#Organisation nameKnown number of records breached
1ICMR (Indian Council of Medical Research)815,000,000
223andMe20,000,000
3Redcliffe Labs12,347,297
4McLaren Health Care6,000,000
5MCH (Morrison Community Hospital)5,000,000
6MNGI Digestive Health2,000,001
7Motel One1,000,000
8Flagstar Bank837,390
9District of Columbia Board of Elections600,001
10Shadow PC533,624

Note: Where ‘around’, ‘about’, etc. is reported, we record the rounded number. Where ‘more than’, ‘at least’, etc. is reported, we record the rounded number plus one. Where ‘up to’, etc. is reported, we record the rounded number minus one.

Sector overview

Most-breached sectors (by number of incidents)

#SectorIncidents
1Other3430%
2Healthcare3127%
3Education1614%
4 (tie)Media and telecoms1211%
4 (tie)Public and non-profit1211%
6Legal54%
7Finance and insurance44%

Note: The percentages add up to 101% due to rounding.

Most-breached sectors (by number of records)

#SectorKnown number of records breached
1Healthcare861,659,212
2Other2,433,216
3Public and non-profit1,661,001
4Finance and insurance843,726
5Education475,160
6 (tie)Legal0
6 (tie)Media and telecoms0

Other noteworthy findings

Unpatched/misconfigured

  • At least 32% of incidents were caused by a lack of patching or through poor configuration management – an alarmingly high percentage, considering that such incidents are usually easy to prevent.
  • Admittedly, a few of these were caused by the MOVEit breach (a zero-day exploit), but even if we excluded those, 28% of the remaining 109 incidents this month were caused by a lack of patching or a misconfiguration.

Ransomware

  • 21% of incidents publicly disclosed this month were ransomware attacks, which accounted for 16,012,014 of the records that are known to be breached.
  • Of these incidents, 75% definitely involved data exfiltration. An additional 21% may have involved exfiltration, which supports the worrying ransomware trend we’ve been seeing this year, particularly these past few months.

US

  • 50% of publicly disclosed incidents this month occurred in the US. However, these only account for 17,527,078 of the records known to be breached – just 2% of this month’s total. We’ll publish a special US report for October 2023 next week, so keep an eye out for that.