According to security researchers at Netacea, the typical business in the US and UK loses over 4% of their online revenue every year due to malicious bot attacks. The researchers surveyed 440 businesses with an average online revenue of $1.9bn across the travel, entertainment, e-commerce, financial services, and telecoms sectors in the US and the UK. The researchers found that the average firm loses $85.6m annually to bot attacks, up from $33.3m per business in 2020. The researchers noted that this is far greater than the average ransom payment or GDPR fine.

T-Mobile customers reported being able to see the account and billing information of others after logging into the company's official mobile app. According to user reports, the exposed information included consumers' names, phone numbers, addresses, account balances, and credit card information, such as expiration dates and the last four digits. While a large number of reports began appearing on Reddit and Twitter on September 20, some T-Mobile customers claimed to have experienced this for the last two weeks.

A financially motivated threat actor has been identified as an Initial Access Broker (IAB) who sells access to compromised organizations to other adversaries to perform follow-on attacks. The SecureWorks Counter Threat Unit (CTU) has named the group Gold Melody, which also goes by the names Prophet Spider and UNC961. According to the cybersecurity company, this financially motivated group has been active since at least 2017, exploiting vulnerabilities in unpatched Internet-facing servers to compromise organizations.