What events occurred during the week of Sept. 18, 2023, to Sept. 25, 2023?

During this week, there were 10 advisory/vulnerability events, 22 incident/data breach events, and 3 shared practical knowledge items.

How did week 38 compare to week 37?

Week 38 had a similar pattern to the previous week. There was an increase in advisories from 7 to 10, while incidents reduced from 31 to 22. However, the reported number of impacted individuals from data breaches was low due to limited transparency in the incidents reported.

How many individuals were impacted during this week?

A total of 26,336 individuals were impacted across 3 incidents. The largest breach exposed 25,000 individuals in the Hong Kong consumer watchdog suspects data leak after a ransomware attack incident. It's important to note that not all incidents reported the number of impacted individuals, indicating the actual number is likely higher.

What were the causes of the incidents?

The incidents were caused by various factors, including ransomware (8 incidents), third-party breaches (5 incidents), compromised support account (1 incident), data store configuration error with broad permissions (1 incident), and web application exposing too much data (1 incident).

Which industries were most affected by these incidents?

The incidents impacted multiple industries, with healthcare and finance being the most affected (each with 5 incidents), followed by government (3 incidents), transport/logistics (2 incidents), media (1 incident), and others (1 incident).

Knowledge

State of (in)security - Week 38, 2023

published: Sept. 25, 2023

Take action: A lot of active attacks exploiting patch fatigue - especially in large organizations that haven't patched key systems exposed on the internet. Unfortunately as long as we use technology we are not going to avoid the need for security patches.

Learn More

In the week between Sept. 18, 2023, midnight and Sept. 25, 2023, midnight we witnessed a total of:

10 advisory/vulnerability events
22 incident/data breach events

We also shared 3 practical knowledge items

Week over Week comparison of week 38 vs week 37 is an improvement:

Total impacted individuals via the events of the week

There were a total of 26,336 impacted individuals across 3 incidents, with the largest breach being the Hong Kong consumer watchdog suspects data leak after ransomware attack incident exposing 25,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
ransomware	8
third party breach	5
compromised support account	1
data store configuration error, broad permissions	1
web application exposing too much data	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	5
Finance	5
Government	3
Transport/Logistics	2
Media	1
Other	1
Telecommunications	1
Insurance	1
Education	1
Automotive	1
IT/Software/Technology	1

Read the Event Details of the Week

Knowledge

active attack | DeFI Exchange Balancer under active attack, asks users not to log in
critical vulnerability | Three quarters of all Juniper firewalls remain vulnerable to remote unauthenticated attacks
active attack | Healthcare industry targeted by exploiting ManageEngine vulnerabilities

Vulnerabilities

denial of service | BIND 9 DNS server fixes two serious vulnerabilities
critical vulnerability | Critical vulnerabilities detected in Atos Unify suite
critical vulnerability | Nagios IX Network Monitoring fixes Critical Vulnerabilities
critical vulnerability | New vulnerabilities reported in Ivanti Endpoint Manager
critical vulnerability | Drupal patches critical Vulnerability in Drupal Core
critical vulnerability | Siemens Automation License Manager vulnerable to remote takeover
critical vulnerability | Apple releases urgent critical updates to all Apple Products
critical vulnerability | Trend Micro Releases Patches for Critical Vulnerabilities in Endpoint Products
critical vulnerability | GitLab releases critical security updates, urges patching
critical vulnerability | Fortinet Products patch two high severity vulnerabilities

Incidents

critical vulnerability | Cadence Bank reports MOVEit related data breach
data breach | Air Canada reports data breach, exposed employee data
data breach | CryptoTrader.Tax trader data stolen
data breach | Delta Dental of California reports MOVEit related data breach
data breach | Ransomware group claims to have hacked Mulkay Cardiology Consultants
data breach | OpenSea reports third party data breach
data breach | T-Mobile application security issue exposes personal data to other users
data breach | Nansen blockchain analytics reports data breach caused by third-party
data breach | Sutter North Surgery impacted by a data breach at Sightpath Medical
data breach | Mountrail County Medical Center reports data breach caused by third party DMS Health Tech
data breach | Hillsborough County Public Schools report cyberattack and data breach
data breach | BMO Bank reports Data Breach exposing customer data
data leak | Microsoft AI research team leaks 38TB of data
ransomware | Australian Logistics Company compromised by ransomware gang
ransomware | International Criminal Court hacked
ransomware | Azerbaijan news site Mikroskop offline due to ransomware
ransomware | AlphV ransomware gang threatens to leak data of Pain Care Specialists
ransomware | Hong Kong consumer watchdog suspects data leak after ransomware attack
ransomware | Bermuda Government IT services impacted by cyberattack
ransomware | Alphv ransomware group claims they have compromised audio giant Clarion
ransomware | LockBit ransomware gang threatens to leak The Weather Network data
ransomware | Philippine Health Insurance targeted by ransomware

Read More
State of (in)security - Week 47, 2024
State of (in)security - Week 43, 2025
State of (in)security - Week 47, 2025
State of (in)security - Week 36, 2025
State of (in)security - Week 9, 2024