What were the cybersecurity event statistics for the week between March 25, 2024, and April 1, 2024?

During the week between March 25, 2024, and April 1, 2024, there were 6 advisory/vulnerability events and 24 incident/data breach events reported.

How did the cybersecurity events of week 13 2024 compare to week 12 2024?

In week 13 2024, advisories were reduced a third from 9 in week 12 to 6 in week 13, while incidents remained at 24. The number of known impacted individuals dropped from 900,000 in week 12 to just 46,000 in week 13.

What was the largest breach reported in the week?

The largest breach reported was the Hacker 'IntelBroker' claims breach of ECB, which exposed 43,000 individuals. This breach is believed to involve a cricket club, not the central bank.

What types of incidents were reported in the week?

The incidents reported included Malware, Ransomware and Related Attacks (5 incidents), Unauthorized access (3), Social Engineering and Phishing (1), Software Vulnerability and SDLC Exploits (1), and Third Party Compromise (1).

Which industries were affected by the reported incidents?

The industries affected included Healthcare (8 incidents), Government (5), Education (3), Retail (2), Entertainment/Leisure (2), IT/Software/Technology (1), Media (1), Non-profit/Charity (1), Insurance (1).

Knowledge

State of (in)security - Week 13, 2024

published: April 1, 2024

Take action: Should you trust VPN services these days? Who owns them, who gets to read the data within the VPN? Even more, if somebody is paying you to install an app on your device, you are not only a product. You are now actively spied on, and you have no idea what for.

Learn More

In the week between March 25, 2024, midnight and April 1, 2024, midnight we witnessed a total of:

6 advisory/vulnerability events
24 incident/data breach events

Week over Week comparison of week 13 2024 vs week 12 2024 is: even better

We also shared 3 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 46,740 impacted individuals across 3 incidents, with the largest breach being the Hacker 'IntelBroker' claims breach of ECB, which appears to be a cricket club, not central bank incident exposing 43,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	5
Unauthorized access	3
Social Engineering and Phishing	1
Software Vulnerability and SDLC Exploits	1
Third Party Compromise	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	8
Government	5
Education	3
Retail	2
Entertainment/Leisure	2
IT/Software/Technology	1
Media	1
Non-profit/Charity	1
Insurance	1

Read the Event Details of the Week

Knowledge

active attack | Active exploit campaign named ShadowRay targets Ray AI framework
active attack | CISA warns of Microsoft SharePoint vulnerability actively exploited
awareness | Facebook spied on competitors via VPN MITM, claims legality via "user consent"

Vulnerabilities

critical vulnerability | Adobe fixes ColdFusion arbitrary file read vulnerability
critical vulnerability | Apple details vulnerability after releasing iOS/iPadOS patch 17.4.1
critical vulnerability | Google patches multiple vulnerabilities after hacking competition Pwn2Own Vancouver 2024
critical vulnerability | Red Hat raises alarm of malicious code in Fedora 'xz' library - Act ASAP
critical vulnerability | Microsoft Edge releases fix for the Chromium flaws found during Pwn2Own Vancouver
critical vulnerability | Ubuntu fixes X.Org X Server flaws, one critical

Incidents

data breach | Pivotal Software reports phishing attack, data breach
data breach | Brigham and Women’s Physician Organization reports third party data breach
data breach | Cherry Health reports data breach
data breach | Groton public schools report data breach
data breach | Lubbock based Trustpoint Rehabilitation Hospital reports data breach
data breach | Alamo Insurance Group reports data breach caused by compromised email account
data breach | Singapore Poh Heng Jewellery reports data breach exposing customer data
data breach | Risas Dental & Braces reports data breach exposing patient data
data breach | Pembina County Memorial Hospital reports data breach
data breach | Newton School District reports data breach
data breach | Hacker 'IntelBroker' claims breach of ECB, which appears to be a cricket club, not central bank
data breach | Southern Nevada Health District reports data breach, exposes data of 300 patients
data breach | California Department of Food and Agriculture reports data breach
data breach | Haverford Township reports data breach
data breach | Dedicated Senior Medical Center reports data breach
data breach | Affinity Health Services reports data breach exposing employees and patients
data breach | Hot Topic chain reports new credential stuffing attacks
phishing | Official email account for the Belgian Grand Prix compromised by hackers, used for phishing
ransomware | Town of Huntsville reports ransomware attack
ransomware | Communications Workers Union reports cyber attack
ransomware | The Big Issue newspaper attacked by Qilin ransomware gang
ransomware | City of St. Cloud reports ransomware attack
ransomware | Gilmer County in Georgia reports ransomware attack, disconnects systems
ransomware | INC ransomware gang claims attack on Florida Memorial University

Read More
State of (in)security - Week 10, 2026
State of (in)security - Week 40, 2023
State of (in)security - Week 21, 2025
Everyone should do better than Veritas who's fixing …
State of (in)security - Week 17, 2024