State of (in)security - Week 27, 2024
Take action: Scramble to check the OpenSSH versions you are running, including the OpenSSH versions on your routers. Some SSH versions are vulnerable. Be very careful about providing your data to AI systems. Despite assurances that current AI technologies are secure, this incident shows that corporations want to process all your data but are very selective about being transparent in their security practices, incidents and remediations.
In the week between July 1, 2024, midnight and July 8, 2024, midnight we witnessed a total of:
- 8 advisory/vulnerability events
- 31 incident/data breach events
Week over Week comparison of week 27 2024 vs week 26 2024:
- Advisories and incidents have slightly decreased. Advisories are down from 10 in week 26 to 8 in week 27. Incidents are down from 34 in week 26 to 31 in week 27.
- The number of known impacted individuals has increased dramatically - from 319 thousand in week 26 to over 36 million in week 27.
We also shared 3 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 36,987,130 impacted individuals across 13 incidents, with the largest breach being the "Twilio confirms data breach exposing 33M phone numbers of Authy service" incident, which exposed 33,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 6 |
| Unauthorized access | 4 |
| Third Party Compromise | 3 |
| Social Engineering and Phishing | 1 |
| Software Vulnerability and SDLC Exploits | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 9 |
| IT/Software/Technology | 8 |
| Government | 7 |
| Entertainment/Leisure | 2 |
| Other | 1 |
| Retail | 1 |
| Finance | 1 |
| Insurance | 1 |
| Non-profit/Charity | 1 |
Read the Event Details of the Week
Knowledge
- active attack | Cisco patches an NX-OS flaw used in attempted exploitation
- active attack | Hackers are attacking a critical RCE flaw in Rejetto HTTP File Server 2.3m
- awareness | Updated meta-password collection "RockYou" published containing 10 billion credentials
Vulnerabilities
- critical vulnerability | Critical flaws reported in CocoaPods dependency manager for iOS/macOS
- critical vulnerability | Critical Remote Code Execution Vulnerability in OpenSSH's Server
- critical vulnerability | Critical vulnerability that bypasses attachment filter found in Exim Mail Transfer
- critical vulnerability | Google releases July 2025 patch package including fix for a critical flaw in Android 12/12L
- critical vulnerability | Logsign patches critical flaws exposing systems to takeover
- critical vulnerability | mySCADA myPRO fixes critical flaw
- critical vulnerability | Samsung releases July security update, still missing the fix for critical CVE-2024-32896
- critical vulnerability | Splunk patches multiple severe flaws, some with PoC exploits
Incidents
- data breach | Mobile Medical Response Warns Patients About PHI Breach
- data breach | Hacker claims breach of SD Biosensor Healthcare Private Limited
- data breach | Hacker claims data breach of 70k visitors of Bol d’Air Adventure park
- data breach | OpenAI internal communication systems breached, AI technology details stolen
- data breach | Information about Syrian refugees residing in Turkey breached, shared on Telegram
- data breach | Hacker IntelBroker leaks alleged Cognizant Insurance Model Office for OIPA data
- data breach | Ambulatory Surgery Center of Westchester reports data breach exposing 22k people
- data breach | Patelco credit union reports cybersecurity incident causing system outage
- data breach | Florida Community Health Centers reports data breach
- data breach | Landmark Admin life insurance reports data breach
- data breach | Bloom Health Centers reports second data breach within one year
- data breach | Ophthalmology Texas Retina Associates reports data breach affecting 312K people
- data breach | Roblox reports third party data breach of video game developers data
- data breach | FIA, governing body of Formula 1 reports data breach
- data breach | HealthEquity reports data breach through a third party partner
- data breach | Alabama State Department of Education reports data breach
- data breach | Shopify blames breach of customer data on third-party app
- data breach | Roll20 platform for tabletop games reports data breach
- data breach | Twilio confirms data breach exposing 33M phone numbers of Authy service
- data breach | New Mexico Public Defenders reports cyberattack and data breach
- data breach | Alleged Data Breach at Australian Mining Software Firm Opaxe Pty Ltd
- data breach | Gaia Software reports data breach exposing personal and health data
- data breach | Hacker claims breach of Philippine Department of Foreign Affairs, sells data
- data breach | Arcis Golf reports data breach exposing customer SSNs
- data breach | SkinCure Oncology reports data breach
- ransomware | Louisiana Special School District hit by Akira ransomware gang, data stolen
- ransomware | Waupaca County reports ransomware attack disrupting computer systems
- ransomware | City of Cedar Falls reports ransomware attack
- ransomware | RansomHub gang claims breach and data theft from Florida Department of Health
- ransomware | New Zealand Elite Fitness hit by ransomware attack
- ransomware | Harry Perkins Institute of Medical Research hit by Medusa ransomware gang, possible data breach