List of Data Breaches and Cyber Attacks – June 2023

IT Governance found 79 publicly disclosed security incidents in June 2023, accounting for 14,353,113 breached records.

You can find the full list below, divided into four categories: cyber attacks, ransomware, data breaches, and malicious insiders and miscellaneous incidents.

Also be sure to check out our new page, which provides a complete list of data breaches and cyber attacks for 2023.

We break down the month’s cyber security landscape for each month, and you can find more information about our list and the biggest security incidents of the month.

Cyber attacks

• Oregon and Louisiana departments of motor vehicles become the latest government department affected by MOVEit breach (9.5 million)
• Four senior residences in Pennsylvania disclose a data security breach (unknown)
• MOVEIt breach impacts Genworth (2.5 million)
• Wilton Reassurance announces security breach related to MOVEit software vulnerability (1,482,490)
• California Public Employees’ Retirement System and CalSTRS compromised by MOVEit breach (769,000)
• Intellihartx files notice of security breach after mass-hack (490,830)
• CGM, Inc. files notice of security breach (280,000)
• Commonwealth Health Physician Network-Cardiology notified patients of network breach (181,764)
• ChatGPT accounts hacked in malware attacks (100,000)
• Kannact files notice of security breach (100,000)
• Data exposed after US health department was hit by global cyber attack (100,000)
• Students’ data breached in Minnesota Department of Education hack (95,000)
• Oreo cookie maker says crooks gobbled up staff info (51,110)
• NYC schools disclose student and staff information affected by MOVEit breach (45,000)
• Maimondes Medical Center notifies patients of hacking incident (33,000)
• Atlanta Women’s Health Group files notice of security breach (33,000)
• HomecareGPS announces security breach (31,000)
• Community Research Foundation posts notice of security breach (30,057)
• Marshall & Melhorn notifies individuals of recent security breach (27,000)
• Conner Strong & Buckelew notifies consumers of security breach that leaked their SSN (15,064)
• The Hatcher Agency confirms security breach (9,500)
• Pilot applicant information for American and Southwest airlines hacked (8,754)
• Orbiter Finance Discord server hacked (unknown)
• Medford Radiology Group suffers “significant” cyber attack (unknown)
• Mayberry clients urged to act fast after cyber attack (unknown)
• Ascension Seton says its websites were compromised (unknown)
• University of Manchester trying to resolve “cyber incident” (unknown)
• Switzerland fears government data stolen in cyber attack (unknown)
• Ukrainian hackers take down service provider for Russian banks (unknown)
• Illinois, Minnesota and Missouri state governments compromised in MOVEit compromise (unknown)
• US Energy Department and other federal agencies affected by MOVEit breach (unknown)
• Stephen F. Austin State University students grow anxious about falling behind as school reels from cyber attack (unknown)
• Sweetwater Union High School District now admits February outage was a hack (unknown)
• Parker Wellbore files notice of recent security breach (unknown)
• FirstBank Puerto Rico announces security breach after cyber attack at MIAC (unknown)
• CoxHealth confirms data breach after third-party security incident (unknown)
• Japanese firm iSpace discloses cyber attack (unknown)
• Maimonides Medical Center posts notice of security breach following cyber attack (unknown)
• Henry Ford Health System patient data exposed in mscripts (unknown)
• Canopy Children’s Solutions confirms recent cyber attack (unknown)
• University of Rochester provides notice of possible security breach stemming from vulnerability in file transfer service (unknown)
• EpiSource confirms security breach stemming from unauthorised access to AWS information (unknown)
• Henrietta Johnson Medical Center patients affected by breach at Delaware Health Network  (unknown)
• Phone-tracking app LetMeSpy says it has been hacked (unknown)
• National Student Clearinghouse notifies schools of MOVEit breach (unknown)
• Barrow County, Georgia, notifies people of a breach that began more than a year ago (unknown)
• Lumberton ISD attacked, personal information stolen (unknown)
• Tx notifies SoutheastHEALTH patients that GoAnywhere security breach leaked their confidential information
• Desert Physicians Management announces security breach on behalf of multiple providers (unknown)

Ransomware

• NHS patients’ details compromised after ransomware attack on University of Manchester (1.1 million)
• Nova Scotia healthcare staff stolen in MOVEit breach (100,000)
• Vincera Institute notifies patients after ransomware attack (25,000)
• Vermont health insurance customers affected by Fortra/GoAnywhere breach (14,000)
• Iowa’s largest school district confirms ransomware attack (6,700)
• Ransomware strikes Chattanooga State (1,244)
• City of Augusta, GA hit by ransomware attack (unknown)
• Middlesex Co. Public Schools confirms ransomware attack (unknown)
• Martinique government embroiled in ransomware (unknown)
• South Jersey Behavioral Health Resources discloses ransomware attack (unknown)
• British Airways, Boots, BBC payroll data stolen in suspected ransomware attack (unknown)
• Columbus Regional Healthcare System in North Carolina hit by ransomware (unknown)
• Paris High School in Illinois embroiled in ransomware attack (unknown)
• School community OSG Hengelo closes deal with hackers after ransomware attack (unknown)
• Ransomware group claims they hacked Reddit and will leak the data (unknown)
• MAC Pizza files notice of security breach following ransomware attack (unknown)

Data breaches

• Toyota Motor Corp. discovers yet another data breach  (260,000)
• Hong Kong privacy watchdog warns data management firm over possible exposure of credit histories (180,000)
• Software vulnerability prompts University of Pittsburgh Medical Center billing contractor to contact patients (25,000)
• Ireland’s Public Appointments Service involved in data breach (15,000)
• UL Hospitals Group accidentally shared patients’ info (1,000)
• Lawyer says he “fell into stupid” after using TeamViewer to snoop on former firm’s business activity (unknown)

Malicious insiders and miscellaneous incidents

• Houston ISD investigating how students’ personal documents ended up on the street (unknown)
• Former Highmark employee accused of misusing customer info to steal money from their health savings accounts (unknown)