In $2023,$ VoIP software provider $3$CX was breached by multiple supply chain attacks. $3$CX is a software company whose application is used in a wide variety of industries for calls. In March $2023,$ their desktop application which serviced about $12$ million users was compromised and allowed malicious users to access the machines that had their application installed. When this incident was investigated it was revealed that the issue originated from an earlier supply chain attack on a software package from a company called Trading Technologies that was being used by $3$CX$.$ This later lead to $3$CX$\text{'}$s application being compromised and consequently the machines of the users. The compromised machines would then download malware that gave access to the hackers. The outsourcing of some of the software that $3$CX was using to an outside company may have contributed to the damage to their system. $3$CX had been targeted by a group of state$-$backed North Korean hackers, that occurred due to their software development process.

In terms of the implications for project management, there are a few to consider. First, is that when a project requires a large supply chain, there are more points of attack for potential malicious actors. Project managers need to be wary of the risks that come with larger scale. Second, they have to ensure that there are proper inspections for large projects. It can be easy to keep track of every aspect of a small project, but as it gets bigger and more supply chains and entities are involved, the project needs to be structured in a way that allows the manager to inspect the project in a manageable manner. Third, we have to consider the interaction between other fields. In the example of $3$CX$,$ they were compromised by a foreign hacker group with ties to a state government. Users of $3$CX might not have considered themselves a likely target for cyberattack, but $3$CX should have been aware of the risk and taken appropriate measures.