Each year, the costs of data breaches continue to rise, and there haven’t been many signs that this trend will slow down any time soon.

In 2014, the average data breach cost companies $3.5 million. Fast forward to 2023, and the number has risen 30% since 2014, with the average breach costing companies $4.45 million.

Organizations will continue to be targets for cybercriminals. While these large figures will ensure companies will do all they can to avoid experiencing a data breach, individuals need to be prepared to take the proper steps to protect themselves should their information become compromised.

In this installment of the BlackCloak Thursday Threat Update, we’ll cover a recent cyber attack affecting 23andMe customers, as well as a warning issued by the FBI over a slate of cyber scams targeting senior citizens.


23andMe targeting affects millions of customers

What we know: Cybercrimianls breached systems belonging to 23andMe, compromising the data of millions of customers. One of the malicious actors released one million lines of data belonging to Ashkenazi people, and said they would sell data profiles in bulk for one to 10 dollars. Exposed information included customers’ names, usernames, profile photos, dates of birth, geographical location and genetic ancestry results.

Recommendations: In its response to the incident, 23andMe said it will notify anyone who had their data accessed without their permission. The genetic testing company is requiring all customers to reset their passwords. Be sure the new password is complex and unique. Do not reuse any passwords from other services. Additionally, 23andMe recommends customers implement multifactor authentication for their accounts, and have provided steps for how to do so on their website.


FBI issues warning over scams targeting seniors

What we know: The FBI issued a warning over a nationwide increase in “Phantom Hacker” scams targeting senior citizens. “Phantom Hacker” scams are an evolution of the more commonly seen tech support scams. The scam works in three phases, where malicious actors will pose as a tech support representative, then as a representative from a financial institution and then a government official. The scammers will pose as these three representatives to trick senior citizens into believing their finances are at risk, ultimately hoping to trick victims into turning over money to an account in their control.

Recommendations: In the warning, the FBI advises citizens to avoid clicking unsolicited pop-ups and links and attachments found in emails and text messages sent from an unrecognized party. Do not call any phone numbers in these communications and do not allow anyone to take control of your device. The FBI added anyone who may have fallen victim to this scam to report it to the FBI’s Internet Crime Complaint Center, and reminded everyone that the government will never ask for money under any circumstance.


Protect your digital identity and accounts

Cybercriminals would love to get their hands on your valuable personal information, and they will do whatever it takes to accomplish their goals. 


To protect yourself, learn how to protect your digital identity from social engineering attacks and how you can prevent malicious actors from taking over your accounts.