AFRICA APAC EUROPE MIDDLE EAST NORTH AMERICA

The organisation stated that its systems were compromised due to an attack on its vendor , Pension Benefit Information . As a result , the data of 2,630,717 consumers belonging to TIAA ' s clients was compromised .

These statistics show a 47 % increase against July 2022 and a 920 % increase from June 2023 .

Three of the biggest data breaches impacted Tigo , Indonesian Immigration Directorate General and Teachers Insurance and Annuity Association of America .

In July , reports surfaced about Tigo – one of China ’ s most popular online messaging platforms – experiencing a data leak affecting over 700,000 individuals .

The leaked information included names , usernames , genders , email addresses , IP addresses , user uploaded photos and private messages .

Alarmingly , more than 100 million records were compromised , as revealed by Have I Been Pwned . Troy Hunt , who runs the site , made the incident public after multiple unsuccessful attempts to contact Tigo about the breach .

Although the platform is widely used in China , Tigo has previously faced scrutiny over its data privacy practices . Concerns about its security were highlighted when users trying to download the app from Google Play were informed that information is not encrypted over a secure connection , potentially allowing unauthorised actors to intercept messages and spy on people ' s conversations .

The second biggest breach of July affected more than 34 million Indonesians , who had their passport data leaked after a hacker gained unauthorised access to the country ’ s Immigration Directorate General at the Ministry of Law and Human Rights .

It remains unclear whether this number represents the total number of TIAA ' s clients ' consumers or if it is a subset of those affected , as some clients have already reported the breach .

Alan Calder , Founder and Executive Chairman of IT Governance , said : “ The cyber landscape in July 2023 witnessed an alarming surge in security incidents .

“ The Tigo data leak shows the need for improved data privacy procedures , especially in light of the platform ' s popularity in China and earlier encryption-related concerns .

“ The Indonesian Immigration Directorate General and TIAA should conduct thorough investigations into the breaches , to understand the extent of the damage and identify the vulnerabilities that allowed the attackers to gain unauthorised access .

“ These incidents highlight the importance of rigorous security measures and swift incident response and serve as stark reminders of the ever-growing cyberthreats .

“ It ' s crucial to adopt robust cyberdefence measures , implement data protection best practices and invest in continuous security training for employees .

“ Proactive vigilance and adherence to international standards , like ISO 27001 , are essential for safeguarding sensitive data and preserving customer trust .” x

The cybersecurity researcher , Taguh Aprianto , revealed the incident on Twitter . The stolen information includes full names , genders , passport numbers , dates of issue and expiry , as well as dates of birth . Law enforcement is investigating the breach .

July also saw TIAA – Teachers Insurance and Annuity Association of America – join the list of organisations impacted by the MOVEit vulnerability .

www . intelligentcxo . com

57