How many advisory/vulnerability and incident/data breach events occurred in the week between March 4, 2024, and March 11, 2024?

During the week between March 4, 2024, and March 11, 2024, there were a total of 7 advisory/vulnerability events and 22 incident/data breach events.

How does week 10 of 2024 compare to week 9 of 2024 in terms of cybersecurity events?

Week over week comparison shows that week 10 of 2024 was slightly better than week 9 of 2024. Advisories and incidents remained exactly the same, with 7 advisories and 22 incidents. However, the number of known impacted individuals dropped to 7 million from nearly 20 million in the previous week.

What were some key knowledge items shared in week 10 of 2024?

Two practical knowledge items shared were about the active attack on JetBrains TeamCity urging users to patch immediately, and raising awareness about patching still being a huge problem, highlighted by 150k unpatched Fortinet devices on a 1 month old critical flaw.

Knowledge

State of (in)security - Week 10, 2024

Q: What was the total number of individuals impacted by cybersecurity events in week 10 of 2024?

There were a total of 7,768,019 impacted individuals across 9 incidents, with the largest breach being the Glosbe online dictionary leaks 7M users data via exposed database incident, exposing 7,000,000 individuals. The real number is definitely higher as not all incidents report a number of impacted individuals.

published: March 11, 2024

Take action: Secure wipe of old hard drives is tedious and universally hated. Until someone throws out a hard drive full of sensitive data and someone finds out, leaks, sells or abuses the discarded data. Accept the tedious process, it's still much easier than having to do incident cleanup after a data leak.

Learn More

In the week between March 4, 2024, midnight and March 11, 2024, midnight we witnessed a total of:

7 advisory/vulnerability events
22 incident/data breach events

Week over Week comparison of week 10 2024 vs week 9 2024 is: slightly better.

We also shared 2 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 7,768,019 impacted individuals across 9 incidents, with the largest breach being the Glosbe online dictionary leaks 7M users data via exposed database incident exposing 7,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Third Party Compromise	5
Malware, Ransomware and Related Attacks	4
System Misconfiguration Exploits	2
Unauthorized access	2
Human bad security behaviour	1
Software Vulnerability and SDLC Exploits	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	4
IT/Software/Technology	4
Government	3
Insurance	3
Education	3
Utilities	1
Entertainment/Leisure	1
Finance	1
Food and Beverage	1
Consulting/Professional Services	1

Read the Event Details of the Week

Knowledge

active attack | JetBrains TeamCity under active attack by hackers, patch NOW
awareness | Patching still a huge problem - 150k unpatched Fortinet devices on 1 month old critical flaw

Vulnerabilities

critical vulnerability | JetBrains fixes two critical issues in TeamCity, patch ASAP
critical vulnerability | VMware releases patch for Workstation, Fusion and ESXi critical issues
critical vulnerability | Apple patches actively exploited critical flaws in latest iOS releases
critical vulnerability | Google releases Android March 2024 patches, including fixes for two critical issues
critical vulnerability | Cisco patches high-severity flaws in it's Cisco Secure VPN Client
critical vulnerability | Foxit PDF releases version that fixes over 50 security issues, some critical
critical vulnerability | QNAP fixes critical authentication flaw in it's QTS, QuTS and myQNAPcloud

Incidents

data breach | Microsoft confirms hackers breached their internal systems, stole source and some customer data
data breach | Park City school district reports third party data breach
data breach | Australian Star Entertainment casinos reports third party breach through HWL Ebsworth
data breach | American Express reports third party vendor breach, cards data exposed
data breach | Aetna Life Insurance reports data breach
data breach | Fidelity reports third party breach caused by Infosys McCamish Systems
data breach | Bay Area Anesthesia, a division of Envision reports third party breach
data breach | Laurentian University reports data breach after cyber attack
data breach | NewGen Administrative Services reports data breach, impacting over 100k people
data breach | Western National group reports data breach
data breach | Yakima Valley Radiology reports data breach, exposing over 230k people
data breach | WayForward Technologies game studio data leak through discarded hard drive
data breach | Jersey Islands finance regulator reports data leak due to misconfiguration
data breach | Northeast Orthopedics report data breach impacting over 177k individuals
data breach | Glosbe online dictionary leaks 7M users data via exposed database
data breach | South Africa government agency shuts down systems, tries to deny data breach
data breach | Greensboro College reports data breach
data breach | Hacker claims breach of Acuity federal contractor, selling immigration agencies data
ransomware | City of Hamilton hit by ransomware, shuts down multiple services
ransomware | Muscatine Power and Water hit by ransomware, breached data of 37K individuals
ransomware | Ransomware disrupts beer production at major Belgian brewery Duvel Moortgat
ransomware | ZircoDATA hit by Black Basta ransomware

Read More
State of (in)security - Week 34, 2025
State of (in)security - Week 29, 2025
State of (in)security - Week 42, 2023
State of (in)security - Week 11, 2024
State of (in)security - Week 13, 2025