State of (in)security - Week 4, 2024
Take action: Patching critical issues on live platforms is difficult and tedious, and nobody wants to do it because it breaks production. Yet by not patching you are helping the crime groups, since they WILL find your vulnerable system. You may think it's not your job to patch something, but it's definitely the criminals' job to hack it. It's how they earn money.
In the week between Jan. 22, 2024, midnight and Jan. 29, 2024, midnight we witnessed a total of:
- 8 advisory/vulnerability events
- 24 incident/data breach events
Week-over-week comparison of week 3 2024 vs. week 4 2024: massive data leaks.
- Advisories and incidents are somewhat reduced. Advisories have dropped from 10 in week 3 to 8 in week 4 and incidents have dropped from 27 in week 3 to 24 in week 4.
- The number of known impacted individuals increased massively, from 643 thousand to over 76 million.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 76,663,000 impacted individuals across 6 incidents. The largest breach was the "Thailand citizens vaccine registration records data published online" incident, which exposed 55,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| ransomware | 8 |
| credential stuffing | 1 |
| database configuration error, exposed w/o password online | 1 |
| compromised account | 1 |
| human error, exposing files on intranet | 1 |
| web scraping | 1 |
| human error | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 7 |
| IT/Software/Technology | 4 |
| Food and Beverage | 2 |
| Government | 2 |
| Utilities | 2 |
| Finance | 2 |
| Energy | 1 |
| Telecommunications | 1 |
| Transport/Logistics | 1 |
| Aviation | 1 |
Read the Event Details of the Week
Knowledge
- data breach | Massive collection of breached data with 26 billion records puts majority of internet users at risk
- active attack | Thousands of exploit attacks on Atlassian Confluence, week after disclosing the issue
Vulnerabilities
- critical vulnerability | Critical issue in Better Search Replace plugin for WordPress
- critical vulnerability | Cisco patches critical flaw in Unified Communications Products
- critical vulnerability | Jenkins fixes a critical issue allowing unauthenticated access to controller
- critical vulnerability | CISA reports critical security flaws in SystemK's NVR 504/508/516
- critical vulnerability | Opteev MachineSense FeverWarn contains critical vulnerabilities, one 10/10
- critical vulnerability | GitLab fixes critical arbitrary file write flaw
- critical vulnerability | Apple releases MacOS 14.3, iOS 17.3 fixing flaws actively exploited by hackers
- critical vulnerability | Fortra GoAnywhere File Transfer has a new critical vulnerability
Incidents
- data breach | Scraped data of 15 million Trello users for sale on the dark web
- data breach | Sirius Federal reports data breach after cyber attack
- data breach | Coastal Hospice & Palliative Care reports data breach
- data breach | Dutch Coronalab.eu data leak exposes 1.3 million COVID test records
- data breach | Kansas Joint and Spine Specialist reports data breach
- data breach | Dawson James Securities reports data breach
- data breach | San Diego Police Department employee data breached through a vulnerability on website
- data breach | Des Moines Orthopaedic Surgeons reports data breach
- data breach | Anthropic reports data breach due to human error
- data breach | United Medical Centers reports data breach
- data breach | Plaza Radiology Chattanooga Imaging reports data breach, exposing 569k patients
- data breach | Hacker claims data breach on Telekom Malaysia, stealing data of 20 million users
- data breach | Thailand citizens vaccine registration records data published online
- data breach | Restaurant chain Jason’s Deli reports customer account compromised
- data breach | HP Enterprise reports Midnight Blizzard hacked the cybersec team's email accounts
- ransomware | Southern Water UK water company reports cyberattack
- ransomware | UT Health Tyler reports data breach after ransomware attack
- ransomware | Veolia North America water services reports ransomware attack
- ransomware | Hunters ransomware gang claims attack Double Eagle Energy Holdings
- ransomware | Kansas City Area Transportation Authority reports ransomware attack
- ransomware | Bucks County hit by ransomware, emergency dispatch system down
- ransomware | AerCap Holdings aircraft leasing reports ransomware attack
- ransomware | EquiLend stock-lending platform down after ransomware attack
- ransomware | Japan Foods Holding reports ransomware attack