State of (in)security - Week 33, 2023
Take action: Have you checked where your backup hard drives are stored, and whether they are really there? A lot of data is kept on backup hard drives, and those are quite portable and easy to move around, or even to steal. While you are checking, think about not recycling your passwords across multiple sites: hackers don't have to bother stealing your hard drive when they can just reuse your old leaked passwords.
In the week between Aug. 14, 2023, midnight and Aug. 21, 2023, midnight we witnessed a total of:
- 9 advisory/vulnerability events
- 33 incident/data breach events
We also shared 1 practical knowledge item.
The week-over-week comparison of week 33 vs week 32 is again a mixed bag:
- There is a downward trend in advisories and a significant upward trend in incidents: down 5 critical vulnerabilities but up 10 incidents.
- The number of known impacted individuals from data breaches is back in the 3 million range, down from the massive figure of over 40 million in week 32.
Total impacted individuals via the events of the week
There were a total of 2,909,548 impacted individuals across 11 incidents. The largest breach was the incident "Fidelity National Information Services reports MOVEit Data breach impacting 873,000 bank customers", which exposed 873,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| third party breach | 14 |
| ransomware | 8 |
| brute force password guessing, recycled passwords | 1 |
| human error | 1 |
| lost/stolen data drive | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 8 |
| Education | 5 |
| Government | 4 |
| Finance | 4 |
| Consulting/Professional Services | 2 |
| Construction | 2 |
| Retail | 1 |
| Entertainment/Leisure | 1 |
| Insurance | 1 |
| IT/software | 1 |
| IT/Software/Technology | 1 |
| Aviation | 1 |
Read the Event Details of the Week
Knowledge
- awareness | Step-by-step: How Hacker Group 'LabRat' Works to abuse your computer to mine crypto and rent it to others
Vulnerabilities
- critical vulnerability | Ford reports Vulnerability in WiFi SYNC 3, cars vulnerable while engine is running
- critical vulnerability | Ivanti reports another critical vulnerability - this time in Ivanti Avalanche
- critical vulnerability | IBM Security Guardium critical vulnerability allows execution of arbitrary commands
- critical vulnerability | Data centre PDU Dataprobe iBoot fixes Vulnerabilities including one critical
- critical vulnerability | WinRAR fixes High Severity Vulnerability, update recommended
- critical vulnerability | Google releases Chrome 116 Update, fixes eight High Severity Vulnerabilities
- critical vulnerability | Juniper issues out-of-band fix for critical vulnerability in Junos OS SRX Series and EX Series
- critical vulnerability | Vulnerabilities in ScrutisWeb, including critical, expose remote ATMs to attack and theft
- critical vulnerability | OpenNMS Horizon vulnerable to XXE attack
Incidents
- account hacking | LinkedIn accounts targeted in massive account hijacking effort
- critical vulnerability | University of Buffalo Dental Clinic reports MOVEit related Data Breach
- data breach | University of Missouri System reports MOVEit related data breach
- data breach | University of Massachusetts Chan Medical School reports MOVEit data breach, affects over 134,000
- data breach | Temple Terrace Fire Department reports MOVEit related data breach
- data breach | Fidelity National Information Services reports MOVEit Data breach impacting 873,000 bank customers
- data breach | Augusta Fire Rescue impacted by third party supplier MOVEit related data breach
- data breach | Banco Popular Puerto Rico reports MOVEit related data breach through PwC Audit
- data breach | Geico reports MOVEit related breach of employee data in internal letter
- data breach | Ernst & Young US Reports MOVEit Data Breach, Exposing Bank of America Clients
- data breach | Baltimore County impacted by MOVEit related data breach
- data breach | Payroll Company Entertainment Partners reports significant data breach, exposes half million individuals
- data breach | Discord.io custom invite service confirms data breach as hacker sells data of 760K users
- data breach | Liquor Control Board of Ontario reports data breach, leaks customers' information
- data breach | Jefferson Cherry Hill hospital reports data breach, informs patients
- data breach | United Bank reports MOVEit related data breach
- data breach | Bailey Cavalieri LLC reports Data Breach impacting over 200,000 persons
- data breach | Personal information of victims, suspects, witnesses leaked in Norfolk and Suffolk Police data breach
- data breach | EMS Management and Consultants reports MOVEit related data breach
- data breach | CentroMed medical center reports data breach impacting 350,000 individuals
- data breach | Luxair reports data breach, exposing customer information
- ransomware | Crime gang BianLian claims unnamed UK jeweller compromised by their ransomware
- ransomware | Tennessee school impacted by ransomware
- ransomware | Optimum Health Solutions reports Data Breach
- ransomware | Play crime group lists Algorry Zappia & Associates as a data breach victim
- ransomware | Bunker Hill Community College reports ransomware attack
- ransomware | Prince George's County Public Schools hit by cyberattack
- ransomware | Argentinian Comprehensive Medical Care Program (PAMI) hacked, stolen data published
- ransomware | Construction company CB Group Australia impacted by ransomware attack
- ransomware | Cleveland City Schools reports ransomware attack, minor impact
- ransomware | NoEscape claims Australian Domain Name Administrator breached, later provides evidence
- ransomware | Clorox shuts down servers, reports hacker intrusion
- ransomware | Siemens Healthineers confirm ransomware attack of Varian, no details available