State of (in)security - Week 18, 2023
Take action: User and password management are the start of good security hygiene. Always remove departed users from systems, and don't recycle passwords. Sharing of data is too easy, so always consider whether your file share is protected if leaked. Keep data collection at a minimum, since when it leaks the more data you have, the more problems you will have. And as always, patch as soon as you can, being optimistic about vulnerabilities doesn't help you in the long run.
Learn More
In the previous week we witnessed a total of:
- 3 advisory/vulnerability events
- 13 reported incident/data breach events
Total impacted individuals via the events of the week
There were a total of 1,064,020 impacted individuals across three incidents, with the largest breach being the NexGen Healthcare incident exposing a cool 1 million individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 5 |
| Legal | 2 |
| Information Technology | 1 |
| Social Media | 1 |
| Government | 1 |
| Museums | 1 |
| Print Media | 1 |
| Telecom | 1 |
Read the Event Details of the Week
Vulnerabilities
- critical vulnerability | Cisco Warns of Critical Vulnerability in EoL Phone Adapters
- critical vulnerability | Critical Vulnerabilities In Illumina Universal Copy Service Devices
- critical vulnerability | Critical Siemens RTU vulnerability exposes risk to Power grids
Incidents
- ransomware | Ransomware Attack Disrupts Courts and Municipal Services in Dallas
- ransomware | Ransomware attack disrupts South Carolina county | SC Media
- ransomware | Australian law firm HWL Ebsworth impacted by ransomware
- data breach | Catholic Health Buffalo patients potential victim to data breach
- data breach | Kansas hospital data breach - 19,000 affected
- data breach | Data breach of MSI Leaks Intel BootGuard OEM Image Signing Keys
- data breach | Twitter exposed private Circle tweets
- data breach | NextGen Healthcare Reports Data Breach affecting 1M records
- data breach | Hacking group claims breach of law firm HWL Ebsworth
- data breach | More Than 45,000 Met Opera Customers Exposed in Data Breach
- data breach | Our Sunday Visitor Publication Suffers Data Breach
- data breach | American College of Pediatricians suffers data leak from misconfigured storage
- data breach | T-Mobile reports second data breach of 2023
