State of (in)security - Week 4, 2024

published: Jan. 29, 2024

Take action: Patching critical issues on live platforms is difficult, tedious and nobody wants to do it because it breaks production. Yet you are helping the crime groups since they WILL find your vulnerable system. You may think it's not your job to patch something, but it's definitely the criminals job to hack it - It's how they earn money.


Learn More

In the week between Jan. 22, 2024, midnight and Jan. 29, 2024, midnight we witnessed a total of:
  • 8 advisory/vulnerability events
  • 24 incident/data breach events

Week over Week comparison of week 3 2024 vs week 4 2024 is: massive data leaks.

We also shared 2 practical knowledge items
Total impacted individuals via the events of the week

There were a total of 76,663,000 impacted individuals across 6 incidents, with the largest breach being the Thailand citizens vaccine registration records data published online incident exposing 55,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents
Cause Number of incidents
ransomware 8
credential stuffing 1
database configuration error, exposed w/o password online 1
compromised account 1
human error, exposing files on intranet 1
web scraping 1
human error 1
Industry breakdown of incidents
Industry Number of incidents
Healthcare 7
IT/Software/Technology 4
Food and Beverage 2
Government 2
Utilities 2
Finance 2
Energy 1
Telecommunications 1
Transport/Logistics 1
Aviation 1

 

 

Read the Event Details of the Week

Knowledge

Vulnerabilities

Incidents

State of (in)security - Week 4, 2024