Recently details on a number of data privacy incidents has become publicly known. 

Let's start with the Ferrari case. As it was reported, intruders managed to obtain access to a number of corporate IT-systems. As a result, they stole some confidential data and then demanded a ransom. According to the official statement by the company representatives, the following data was exposed:

•    Names
•    Addresses
•    Email addresses
•    Telephone numbers.

However, it was also claimed that “no payment details and/or bank account numbers and/or other sensitive payment information, nor details of Ferrari cars owned or ordered have been stolen”.

The second incident has affected the Hitachi Energy. As it was reported in the official statement by company representatives, the CLOP ransomware group performed an attack on the Hitachi Energy third-party provider FORTRA GoAnywhere MFT. The incident could have resulted in the unauthorized access to employee data.

The investigation is currently in progress, however, it is known that the attack was performed with the help of exploit of  a 0-day vulnerability (CVE-2023-0669). Presumably, customer data was not compromised. Hitachi Energy specialists notified employees who could have been affected in the incident and disconnected the third-party system.

A large data incident also concerned Royal Dirkzwager company and its employees. Play group reported stealing private and confidential data, which included employees’ personal data, their passports, contracts etc. The attackers published 5 GB data archive as the proof of successful hack and promised to leak the whole dump if the ransom won't be paid.

Another data leak incident has affected NBA fans. It turned out, that the NBA email contractor was hacked. The incident concerned users, who agreed to receive newsletters on sport news. As a result of the incident, the following data was exposed:
•    Fans’ names
•    Email addresses