State of (in)security - Week 2, 2024

published: Jan. 15, 2024

Take action: Don't ignore security on social media. Four hijacks of Twitter accounts in a very short time.


Learn More

In the week between Jan. 8, 2024, midnight and Jan. 15, 2024, midnight we witnessed a total of:
  • 15 advisory/vulnerability events
  • 29 incident/data breach events

Week over Week comparison of week 2 vs week 1 is much much worse.

We also shared 5 practical knowledge items
Total impacted individuals via the events of the week

There were a total of 155,154,024 impacted individuals across 8 incidents, with the largest breach being the All citizens of Brazil exposed through unprotected Elasticsearch instance incident exposing 150,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents
Cause Number of incidents
ransomware 8
third party breach 3
human error 3
database configuration error, exposed w/o password online 3
compromised account 1
unsecured web server 1
phishing 1
unpatched software vulnerability 1
unsecured API 1
Industry breakdown of incidents
Industry Number of incidents
Government 7
Healthcare 3
IT/Software/Technology 3
Consulting/Professional Services 2
Entertainment/Leisure 2
Manufacturing 2
Non-profit/Charity 2
Retail 2
Telecommunications 2
Finance 1
Transport/Logistics 1
Military/Defense 1
Travel 1
Read the Event Details of the Week

Knowledge

Vulnerabilities

Incidents

State of (in)security - Week 2, 2024