State of (in)security - Week 25, 2024
Take action: Misconfigurations and exposed databases are coming back. One thing that should keep you up at night is are your data sets password protected and authenticated, not just shared with the world. Perform frequent checks, and if possible automate some scanning.
Learn More
In the week between June 17, 2024, midnight and June 24, 2024, midnight we witnessed a total of:
- 7 advisory/vulnerability events
- 26 incident/data breach events
Week over Week comparison of week 24 2024 vs week 23 2024:
- Advisories and incidents have decreased. Advisories are down from 15 in week 24 to 7 in week 25. Incidents are down from 31 in week 24 to 26 in week 25.
- The number of known impacted individuals has decreased nearly threefold - from 34.4 million in week 24 to 12.7 million in week 25.
We also shared 1 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 12,754,907 impacted individuals across 10 incidents, with the largest breach being the Philippine Jollibee Foods Corporation hit by data breach incident exposing 11,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 5 |
| Third Party Compromise | 4 |
| Unauthorized access | 3 |
| Software Vulnerability and SDLC Exploits | 2 |
| System Misconfiguration Exploits | 2 |
| Human bad security behaviour | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| IT/Software/Technology | 4 |
| Finance | 3 |
| Government | 3 |
| Healthcare | 3 |
| Transport/Logistics | 2 |
| Education | 2 |
| Food and Beverage | 2 |
| Gas/Oil | 2 |
| Manufacturing | 2 |
| Consulting/Professional Services | 1 |
| Retail | 1 |
| Entertainment/Leisure | 1 |
Read the Event Details of the Week
Knowledge
- active attack | Active Exploitation reported of SolarWinds Serv-U
Vulnerabilities
- critical vulnerability | Chrome releases new version and patches critical flaws
- critical vulnerability | CISA warns of available exploit PoC for RAD SecFlow-2 Industrial Switch
- critical vulnerability | Critical SQL injection flaw identified in a Facebook module for PrestaShop
- critical vulnerability | Most Adobe Commerce and Magento sites still vulnerable to CVE-2024-34102 "CosmicSting"
- critical vulnerability | NVIDIA patches critical flaws in Triton AI Server
- critical vulnerability | Trellix fixes critical security flaw in Intrusion Prevention System Manager
- critical vulnerability | VMware reports critical issues in vCenter and Cloud Foundation
Incidents
- data breach | Data of sub post-masters across UK leaked by the UK Post Office
- data breach | Financial services holding Globe Life reports potential data breach
- data breach | Doxim Inc. reports data breach
- data breach | ANY.RUN reports security incident caused by employee email compromise and phishing
- data breach | Aultman Hospital reports data breach
- data breach | Wisconsin Department of Health Services reports third party data breach
- data breach | CoinStats crypto portfolio manager reports cyberattack impactink 1,5K crypto wallets
- data breach | Fashion brand Zadig & Voltaire breached, exposing 587K email addresses
- data breach | Philippine Maxicare HealthCare reports data breach
- data breach | Los Angeles Unified School District confirms data breach related to Snowflake breach
- data breach | LendingTree Inc. investigating potential data breach linked to Snowflake
- data breach | Amtrak reports data breach of traveler Guest Rewards
- data breach | Oahu Transit Services reports ransomware attack, customer data potentially compromised
- data breach | AMD confirms claims of data breach by IntelBroker
- data breach | Scout Energy Partners reports data breach
- data breach | Meat supplier Carl Buddig reports data breach
- data breach | Hacker claims breaching Accenture and theft of employee data
- data breach | Association of Texas Professional Educators reports data breach exposing over 400k people
- data breach | Philippine Jollibee Foods Corporation hit by data breach
- data breach | UK Health Club Total Fitness exposes customer personal info and payment card data
- data breach | Baltimore 311 calls data leaked via misconfigured Kibana database
- ransomware | Daicel Corporation reports ransomware attack
- ransomware | Akira ransomware gang claims attack on TETRA Technologies
- ransomware | CDK Global hit by cyberattack, impacts over 15k car dealerships
- ransomware | Forklift manufacturer Crown Equipment shuts down systems after cyberattack
- ransomware | Kansas City, Kansas Police Department hit by ransomware attack, data leaked
