Major Data Breaches and Hackings in March 2023

Looking for a quick overview of some of the most notable March 2023 data breaches and hacking reports in the news? We’ve done the legwork for you, and here they are from the largest number of individuals impacted to the lowest.

Hacking Reports

Dangers of Wi-Fi Calling with Android Devices Uncovered

Recently, Google has urged Android phone users to switch off Wi-Fi calling in order to avoid being hacked. WRTV News also reported on this vulnerability which can allow hackers to steal sensitive information and take control of the phone. Switching off Wi-Fi calling can be inconvenient for those who rely on it for their communication needs.

Affected Devices

Samsung Semiconductor’s advisories share the Exynos chipsets that are vulnerable, which makes the affected products likely to include:

Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series;
Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
The Pixel 6 and Pixel 7 series of devices from Google; and
any vehicles that use the Exynos Auto T5123 chipset.¹

How Android Users can Protect Their Devices

In light of this news, it is important for Android users to take steps to protect themselves. The most practical step is to use IDSeal Pro-tec, a comprehensive device protection application that can help keep your device safe and your personal information secure.

¹ Google Project Zero, https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html

² Subscription required. Please go to https://www.idseal.com/#plans-and-pricing to signup.

Data Breaches

Independent Living Systems, LLC

A healthcare administration and managed care solutions provider based in Florida.

Company Website: ilshealth.com

Breach Size: 4,336,508

Data Exposed: names, contact information, Social Security numbers, Medicare/Medicaid IDs, health information, health insurance information

Though ILS posted a breach notice on their website in September 2022, individual notice was not given to customers until March 14, 2023, yet the breach occurred back in June or July of 2022. This hacker was able to obtain files containing highly sensitive patient data, which could now possibly be floating around on the Dark Web.

NCB Management Services

NCB is an Accounts Receivable Management and Call Center Management solution.

Company Website: ncbi.com

Breach Size: 494,969

Data Exposed: names, addresses, phone numbers, email addresses, dates of birth, employment positions, pay amounts, driver’s license numbers, Social Security numbers, account numbers, credit card numbers, routing numbers, account balances, and account statuses

NCB confirmed that client information previously connected with Bank of America credit card accounts was potentially obtained by the unauthorized party. Though the leaked information remains a concern, these particular accounts have already been closed. Now, NCB has assured that the hackers no longer have access to the information in their systems.

Bone & Joint Clinic, S.C.

Bone & Joint Clinic is a multispecialty clinic offering orthopedics, sports medicine, spine, pain management, podiatry, and physical therapy

Company Website: bonejoint.net

Breach Size: 105,094

Data Exposed: name, Social Security number, date of birth, address, health insurance information, contact information, diagnosis and treatment information

In January 2023, Bone & Joint Clinic discovered that they had experienced a data breach. They launched an investigation, and in March 2023, Bone & Joint Clinic began notifying individuals who may have been affected.

Chick-fil-A

American fast food restaurant chain specializing in chicken sandwiches.

Company Website: chick-fil-a.com

Breach Size: 71,000

Data Exposed: name, date of birth, address, email address, Chick-fil-A One membership number, mobile pay number, QR code, credit/debit card number, and the amount of Chick-fil-A credit available.

Chick-fil-A experienced multiple automated attacks in December of 2022 that continued until February of 2023, resulting in a data breach. Due to the breach, hackers likely accessed sensitive customer information.

Blue Shield of California

Health plan provider.

Company Website: blueshieldca.com

Breach Size: 63,341

Data Exposed: email address, name, username, follower count

Blue Shield of California experienced a data breach due to a third-party vendor’s sub-contractor, resulting in leaked personal data. The breach included: names, subscriber ID numbers, diagnoses, medications, addresses, dates of birth, sex, advance directives, family history, social history, allergies, vitals, immunizations, encounter data, assessment ID numbers, and assessment dates. The breach was reported on July 11, 2022, and affected parties were notified via data breach letters.

What to do after your information is compromised in a data breach

When headlines hit with a data breach, questions that commonly come up are:

Was my info leaked?

How do I find out if my information was stolen?

How do you protect yourself after a data breach?

Do I need to change my password?

IDSeal can help

We get it. Being part of a data breach can be scary. While you can’t undo what has already been done, you can be prepared for the fallout when you have IDSeal.

If your information is compromised, chances are it will end up for sale on the dark web. IDSeal members have their personal and financial information monitored around the clock, so if it’s found on the dark web, they will get a notification that includes instructions on the next steps to take.

If your information is used without your consent, IDSeal will be there to help with our licensed restoration specialists. Our protection plans even include up to $1M in insurance to help recover any losses associated with identity theft.

The most important piece? You don’t have to be alone. IDSeal will be by your side every step of the way, from the moment you get an alert and suspect identity theft up until the moment you receive reimbursement for lost funds.