This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Asset 3
  • About
  • People
  • Capabilities
  • Insights
  • Careers
  • Public Interest
  • Inclusion
  • Contact us
    Contact us
  • Locations
    Locations
  • Search
    Search
  • About
    • About
    • Message From the CEO
    • Firm History
    • Alumni
    • Alumni
    • In Memoriam
  • People
  • Capabilities
    • Practices
    • Industries
    • Global Reach: The Law Firm Network
    • Bankruptcy & Restructuring
    • Brand & Reputation Management
    • Intellectual Property
    • Litigation & Dispute Resolution
    • Special Situations, Distressed Debt and Debt Trading
    • Transactions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Energy & Environmental
    • Entertainment & Media
    • Investment Management 
    • Life Sciences
    • Technology
    • Real Estate
    • Bankruptcy & Restructuring
    • Bankruptcy Litigation
    • Mass Torts Bankruptcy
    • Intellectual Property
    • Intellectual Property Litigation
    • Patents
    • Trademark, Copyright & Advertising
    • Patent Trial and Appeals Board (PTAB)
    • Litigation & Dispute Resolution
    • Civil Fraud Litigation
    • Employment Practices and Litigation
    • Government Contracts Litigation
    • Intellectual Property Litigation
    • Insurance Recovery
    • Litigation Funding
    • M&A and Private Equity Litigation
    • Real Estate Litigation
    • Patent Trial and Appeals Board (PTAB)
    • UK Tax Controversy & Litigation
    • Special Situations, Distressed Debt and Debt Trading
    • Distressed Debt & Claims Trading
    • Litigation Funding
    • Finance
    • Real Estate Special Situations
    • Transactions
    • Capital Markets
    • Cross-Border Transactions
    • Emerging Growth Companies & Venture Capital
    • Employment
    • Finance
    • Franchising
    • Mergers & Acquisitions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Economic Sanctions & Export Controls
    • Energy & Environmental
    • Energy
    • Energy Transition
    • Environmental
    • Entertainment & Media
    • Brand & Reputation Management
    • Intellectual Property
    • Sports
    • Investment Management
    • Fund Formation
    • Private Equity Transactions
    • Distressed Debt
    • Emerging Growth Companies & Venture Capital
    • Family-Owned & Closely Held Businesses
    • Private Equity Litigation
    • Life Sciences
    • BR BioAdvisory Services
    • Technology
    • Artificial Intelligence
    • Cybersecurity & Data Privacy
    • Digital Commerce
    • Fintech
    • Real Estate
    • Hospitality & Leisure
    • Distressed Real Estate
    • Real Estate Special Situations
    • Real Estate Litigation
    • Wireless Network Infrastructure
  • Insights
    • Client News
    • Firm News
    • Briefings
    • Events
  • Careers
    • Experienced Lawyers
    • U.S. Law Students
    • London Trainee Program
    • Business Professionals
    • Professional Development
  • Public Interest
    • Brown Rudnick Charitable Foundation
    • Pro Bono & Community Service
  • Inclusion
    • Inclusion
    • Women in Business Series
  • Contact Us
  • Location
  • Search
  • About
    • About
    • Message From the CEO
    • Firm History
    • Alumni
    • Alumni
    • In Memoriam
  • People
  • Capabilities
    • Practices
    • Industries
    • Global Reach: The Law Firm Network
    • Bankruptcy & Restructuring
    • Brand & Reputation Management
    • Intellectual Property
    • Litigation & Dispute Resolution
    • Special Situations, Distressed Debt and Debt Trading
    • Transactions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Energy & Environmental
    • Entertainment & Media
    • Investment Management 
    • Life Sciences
    • Technology
    • Real Estate
    • Bankruptcy & Restructuring
    • Bankruptcy Litigation
    • Mass Torts Bankruptcy
    • Intellectual Property
    • Intellectual Property Litigation
    • Patents
    • Trademark, Copyright & Advertising
    • Patent Trial and Appeals Board (PTAB)
    • Litigation & Dispute Resolution
    • Civil Fraud Litigation
    • Employment Practices and Litigation
    • Government Contracts Litigation
    • Intellectual Property Litigation
    • Insurance Recovery
    • Litigation Funding
    • M&A and Private Equity Litigation
    • Real Estate Litigation
    • Patent Trial and Appeals Board (PTAB)
    • UK Tax Controversy & Litigation
    • Special Situations, Distressed Debt and Debt Trading
    • Distressed Debt & Claims Trading
    • Litigation Funding
    • Finance
    • Real Estate Special Situations
    • Transactions
    • Capital Markets
    • Cross-Border Transactions
    • Emerging Growth Companies & Venture Capital
    • Employment
    • Finance
    • Franchising
    • Mergers & Acquisitions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Economic Sanctions & Export Controls
    • Energy & Environmental
    • Energy
    • Energy Transition
    • Environmental
    • Entertainment & Media
    • Brand & Reputation Management
    • Intellectual Property
    • Sports
    • Investment Management
    • Fund Formation
    • Private Equity Transactions
    • Distressed Debt
    • Emerging Growth Companies & Venture Capital
    • Family-Owned & Closely Held Businesses
    • Private Equity Litigation
    • Life Sciences
    • BR BioAdvisory Services
    • Technology
    • Artificial Intelligence
    • Cybersecurity & Data Privacy
    • Digital Commerce
    • Fintech
    • Real Estate
    • Hospitality & Leisure
    • Distressed Real Estate
    • Real Estate Special Situations
    • Real Estate Litigation
    • Wireless Network Infrastructure
  • Insights
    • Client News
    • Firm News
    • Briefings
    • Events
  • Careers
    • Experienced Lawyers
    • U.S. Law Students
    • London Trainee Program
    • Business Professionals
    • Professional Development
  • Public Interest
    • Brown Rudnick Charitable Foundation
    • Pro Bono & Community Service
  • Inclusion
    • Inclusion
    • Women in Business Series

Search People

Search by last name

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

see all people

Asset 3
  • LinkedIn
  • X (formerly known as Twitter)
  • Facebook
  • Instagram
  • Threads
  • YouTube
  • rss
  • Contact Us
  • Terms of Use
  • Privacy
  • Sitemap
  • LinkedIn
  • X (formerly known as Twitter)
  • Facebook
  • Instagram
  • Threads
  • YouTube
  • rss

© 2024 Brown Rudnick LLP. Attorney advertising.

All Rights Reserved.

All Posts Subscribe
print-logo
7/18/2023 8:28:35 PM | 2 minute read

Data Breaches of 2023: And the Award Goes to...

3
20

Get in touch

Avatar
Matthew Richardson
Partner

Get in touch

Avatar
Matthew Richardson
Partner
Compromised information concept. Internet virus cyber security and cybercrime.
3
20

It’s Emmys season! That time of the year when we look back at the excellent television that we have watched since last summer and decide how many awards “Succession” and “The Last of Us” should share between them.

In keeping with the awards season motif, this year’s Ruddys will be equally well contested. The Ruddys are the annual awards given to those companies that have suffered the reddest faces as a result of a data breach or cyberattack. This year is like every other year – the competition is strong.

The winners are:

Most Expensive Data Breach: T-Mobile

In January 2023, T-Mobile suffered a huge data breach affecting 37 million customer or 11% of the total population of the United States. This was the company’s eighth data breach but their first big win in the Ruddys.

The breach is likely to cause the company a loss of around hundreds of millions of dollars after settlements and fines have been paid, not to mention the cost of the reputational hit. The information stolen included names, emails and birthdays – more than enough for a clever hacker to cause untold trouble to unsuspecting customers.

Most Far-Reaching Data Breach: MOVEit

The attack targeted the widely used file transfer tool, MOVEit, and its resulting impact has been enormous. More than 200 organizations and as many as 17.5 million individuals have been affected as of July 2023.

Notably, several federal agencies, including the Departments of Energy, Agriculture and Health and Human Services, have fallen victim to this breach. Moreover, it is believed that a majority of schools across the United States have also been targeted.

The implications of this attack are still unfolding, and there are second-order breaches at prominent organizations such as Shell, Siemens Energy, Schneider Electric, First Merchants Bank, City National Bank and various international targets.

Clop, a Russia-linked ransomware group, has claimed responsibility for the breaches, and has threatened to publish stolen information on the dark web.

Biggest Data Breach: Twitter

Recent reports reveal that a substantial collection of email addresses belonging to approximately 200 million Twitter users is currently available for purchase on the dark web, with prices as low as $2. Despite the fact that the underlying vulnerability responsible for this data leak was addressed in January 2023, various malicious actors continue to disseminate this information. The magnitude of this situation cannot be overstated, as it jeopardizes the privacy and security of countless individuals.

Biggest Data Breach in a Health-Care-Related Company: PharMerica 

Kentucky-based U.S. Pharmaceutical giant PharMerica, which manages 2,500 different facilities across the U.S., has revealed that an unknown actor accessed its systems in March and extracted personal data from 5.8 million individuals. The hacker took social security numbers, birth dates, names and health insurance information from the compromised system.

Special Achievement in Government Data Breaches: U.S. Department of Transportation

Personal information pertaining to 237,000 U.S. government employees has reportedly been exposed in a Department of Transportation data breach.

Reuters reported that the breached system is usually used to process “TRANServe transit benefits,” which are effectively transportation expenses that government employees commuting into offices can claim back. The Department of Transportation told Congress earlier in July that it had “isolated the breach to certain systems at the department used for administrative functions.” No systems that deal with transportation safety have been affected.

It is clear that the size of company, or even government department does nothing to deter a hacker. Businesses across the globe need to take precautions and have in place a plan to deal with the fallout of a cyber breach when it inevitably does occur. The only way to minimize your company’s exposure and avoid making this list next year is to take the threat of cybercrime seriously and protect the valuable data your company holds.

Sign up to receive our latest BRiefings delivered directly to your inbox. Subscribe

Tags

cybersecurity & data privacy

Get in touch

Avatar
Matthew Richardson
Partner

Get in touch

Avatar
Matthew Richardson
Partner
DOJ Updates White-Collar Enforcement Priorities
5/15/2025 8:37:21 PM

DOJ Updates White-Collar Enforcement Priorities

By Daniel Sachs Steven Tyrrell Stephen Best Angela Papalaskaris +1 more...

Show less

DOJ Updates White-Collar Crime Enforcement Priorities  On May 12, 2025, the Criminal Division of the U.S. Department of Justice (DOJ)...
9
9

Latest Insights

Renewable Transport Fuel Obligation (RTFO) and Tax Disputes: Navigating a Complex Compliance Landscape
5/12/2025 12:30:58 PM

Renewable Transport Fuel Obligation (RTFO) and Tax Disputes: Navigating a Complex Compliance Landscape

By Matthew Sharp
2
2
Raising the Stakes: UK Government Consults on the Tax Treatment of Remote Gaming and Gambling
5/9/2025 2:45:43 PM

Raising the Stakes: UK Government Consults on the Tax Treatment of Remote Gaming and Gambling

By Matthew Sharp Menelaos Karampetsos
1
16
17
[2025] UKUT 00124 (TCC) George Mantides Limited v HMRC: Further Ammunition for HMRC in Its Battle Against Self-Employment in Healthcare?
5/1/2025 2:34:46 PM

[2025] UKUT 00124 (TCC) George Mantides Limited v HMRC: Further Ammunition for HMRC in Its Battle Against Self-Employment in Healthcare?

By Matthew Sharp
44
44