State of (in)security - Week 16, 2024
Take action: Running a system without any backup is a recipe for disaster, even without hackers. Always check that your systems have a valid and functioning backup.
In the week between April 15, 2024, midnight and April 22, 2024, midnight we witnessed a total of:
- 11 advisory/vulnerability events
- 22 incident/data breach events
Week-over-week comparison of week 16, 2024 vs. week 15, 2024: no major change
- Advisories are almost the same, from 12 in week 15 to 11 in week 16. The same holds for incidents, from 24 in week 15 to 22 in week 16.
- The number of known impacted individuals has dropped from over 15 million in week 15 to 5.5 million in week 16.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 5,405,466 impacted individuals across 3 incidents. The largest breach was the incident "GhostR gang claims theft of 5.3M records of World-Check KYC database", which exposed 5,300,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 7 |
| Third Party Compromise | 3 |
| Unauthorized access | 2 |
| Software Vulnerability and SDLC Exploits | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 6 |
| IT/Software/Technology | 4 |
| Non-profit/Charity | 3 |
| Education | 2 |
| Government | 2 |
| Telecommunications | 1 |
| Finance | 1 |
| Insurance | 1 |
| Retail | 1 |
| Automotive | 1 |
Read the Event Details of the Week
Knowledge
- active attack | OpenMetadata platform flaws exploited to mine cryptocurrency
- active attack | Very advanced phishing campaign targets LastPass users
Vulnerabilities
- data breach | Delinea Secret Server PAM has a critical vulnerability allowing authentication bypass
- critical vulnerability | Critical issues reported in Invision Community forum software
- critical vulnerability | Juniper Networks releases multiple security advisories, three critical
- critical vulnerability | Chirp smart locks vulnerable to unauthorized access due to hardcoded secrets
- critical vulnerability | Ivanti patches another two critical issues in its Avalanche MDM product
- critical vulnerability | PuTTY SSH Client flaw allows recovery of ECDSA private keys
- critical vulnerability | Multiple critical vulnerabilities fixed in latest PHP release
- critical vulnerability | Oracle releases massive critical patch update for April 2024 for 372 flaws, 15 critical
- critical vulnerability | Cisco reports high-severity flaw in Integrated Management Controller, exploit PoC published
- critical vulnerability | CrushFTP warns of actively exploited flaw, users asked to update immediately
- critical vulnerability | Forminator WordPress plugin has a critical flaw exposing over 300k sites
Incidents
- critical vulnerability | MITRE corporation reports cyber attack caused by exploiting Ivanti flaw
- data breach | Cisco Duo security reports third-party data breach exposing SMS MFA logs
- data breach | Randolph Health reports data breach caused by compromised email account
- data breach | The Kenneth Young Center reports data breach
- data breach | Rehabilitation Hospital of Southern New Mexico reports data breach
- data breach | LeSlipFrancais underwear brand reports data breach exposing customer data
- data breach | Bağcılar Training and Research Hospital in Istanbul hit by cyberattack, data loss and data breach
- data breach | Void Interactive hit by data breach, over 4TB of data including source code stolen
- data breach | Pak Suzuki reports cyberattack, data breach
- data breach | Mobile Guardian data breach exposes data of Singapore schools
- data breach | Libraries in Solano County, California hit by cyberattack, potential data breach
- data breach | Whitehorse City Council reports data breach involving OracleCMS
- data breach | Catholic Diocese of Phoenix reports cyberattack, data breach
- data breach | GhostR gang claims theft of 5.3M records of World-Check KYC database
- data breach | Tyler Technologies hosting reports data breach impacting US government system data
- data breach | Frontier telecom hit by cyberattack, shuts down systems
- data breach | Goddard Systems reports data breach caused by compromised email account
- data breach | Citizens Property Insurance Corporation reports data breach
- ransomware | United Nations Development Programme reports ransomware attack and data breach
- ransomware | Octapharma Plasma closes 150+ donation centers, declaring "network issues", possible ransomware
- ransomware | Atlantic States Marine Fisheries Commission hit by ransom gang attack
- ransomware | Hospital Simone Veil in Cannes postpones medical procedures due to a cyberattack