Top January 2023 Cyber-Attacks

It’s the end of January 2023, and the numbers are in. Below is a list of the most malicious cyber-attacks over the last month.

As reported by Kon Briefing, cyber-attacks have affected more than 24 countries worldwide in January, with an estimated 56 breaches reported this past month. Below, we’ve detailed 7 of the most malicious cyberattacks globally from January 2023.


T-Mobile Breach Results in 37 Million Customers’ Data Stolen

On January 5th, T-Mobile suffered a data breach that exposed the personal information of 37 million accounts. The attack was conducted via an API vulnerability. Information such as phone numbers, dates of birth, billing addresses, emails, and account records was compromised in the breach, though no financial information was revealed. T-Mobile concluded its last statement about the breach by saying that the investigation is ongoing but the malicious activity has been fully contained. This breach serves as an important reminder for companies and organizations to take steps to protect customer data by regularly patching vulnerabilities and performing proper security testing on APIs and other digital assets.

Via: BleepingComputer

French Cosmetics Giant Attacked by LockBit Group

Nuxe, the French cosmetics giant, has become the latest cyberattack victim of the hacker group known as LockBit. The Russian-speaking hacker group is now holding Nuxe’s confidential data hostage in exchange for ransom. According to reports, the hackers managed to gain access to Nuxe’s networks and encrypted several of its servers, preventing the company from accessing its data. In response, Nuxe is working with cybersecurity experts to restore its systems and recover the encrypted data. No ransom demand has been publicly announced, and it remains unclear how the incident will be resolved. The incident serves as a reminder of the importance of having proper measures in place to protect against cybercriminals.

Via: Le Parisien 


Phishing Attack Costs ‘NFT Investments’ $250K

NFT Investments, a digital asset platform, has recently suffered a phishing attack that cost the company $250,000 USD. The incident was quickly identified, and an incident response plan was implemented to prevent further attacks. NFT Investments is working with law enforcement and leading cybersecurity experts to investigate the attack and recover the stolen funds. Meanwhile, the platform is taking proactive measures to enhance its security protocols and prevent similar attacks in the future. The NFT digital asset platform is the latest example of how cybercriminals increasingly target cryptocurrency exchanges and associated companies due to their growing popularity. With more people investing in digital assets, companies like NFT Investments must remain proactive in their security protocols to ensure user funds remain secure.

Via: Proactive 


MailChimp Faces Social Engineering Attack 

In early January, email marketing giant MailChimp experienced a security incident through social engineering that compromised an estimated 133 MailChimp accounts. MailChimp took immediate action to assess and mitigate the impact of this event and suspended access to the affected accounts. MailChimp has also notified affected users and is working with law enforcement to investigate the incident. The company remains committed to protecting its users’ data and ensuring their accounts remain secure. They are asking all users to monitor their MailChimp account activity, review available information on their security settings, and take immediate action if they notice any suspicious activity.

Via: MailChimp


DDoS Attack on Nepal Government Data Center

In late January, more than 400 Nepal government websites were knocked out for several hours due to a Distributed Denial-of-Service (DDoS) attack on the Government Integrated Data Centre. This caused chaotic queues at Kathmandu airport as immigration officials had to manually issue visas and check passports. International flights were delayed by up to three hours, while domestic flights were unaffected. This is not the first time hackers have targeted the government’s mainframe, but this month’s attack has caused the most prolonged and severe disruption. As of now, technicians at Singha Durbar have been able to restore services after making the mainframe inaccessible from abroad.

Via: Nepali Times


England’s Royal Mail Hit with Ransomware

Royal Mail, England’s national postal service, was hit with a ransomware attack speculated to have been carried out by none other than the Russian hacker group LockBit. The disruption was so bad that the postal service could not send international letters and packages from the UK for days. This caused much frustration for SMBs relying on Royal Mail to ship their products outside the country. In a recent update, Royal Mail said it is now positioned to resume international shipping of letters and packages for business customers and consumer users of its online shipping systems.

Via: Computer Weekly


300 Fast Food Restaurants Close Due to Ransomware Attack 

Yum Brands Inc., the parent company of KFC and Taco Bell, was hit with a ransomware attack that caused them to close several hundred restaurants across the United Kingdom and Ireland. The government filing indicated that information technology systems were affected and that the attackers had accessed company data. Yum has since taken some systems offline, installed enhanced monitoring technology, and engaged law enforcement and cybersecurity professionals to investigate the incident. The company also said that no other restaurant disruptions had been reported due to the attack and they do not expect it to have a material impact on their business.   

Via: News Observer

For the complete list of cyber-attacks from January 2023, read more here.


Written by Samantha Parker

Samantha Parker is a Partner Marketing Specialist at AgileBlue. She is a proud graduate of Kent State University. Samantha currently serves part-time as a soldier in the Army National Guard.

January 31, 2023
