State of (in)security - Week 40, 2023
Take action: Building secure systems is much harder than breaking them. A dangerous hacker group has exposed their own systems by misconfiguring a fairly trivial security action on their own systems. Invest in building your systems' security, and in reviewing it persistently.
In the week between Oct. 2, 2023, midnight and Oct. 9, 2023, midnight we witnessed a total of:
- 8 advisory/vulnerability events
- 19 incident/data breach events
Week over Week comparison of week 40 vs week 39 is an improvement:
- Advisories and incidents are both slightly down: 8 advisories versus the previous 11, and 19 incidents versus the previous 20.
- The number of known impacted individuals from data breaches in week 40 has dropped to around 900,000, from the massive 47 million seen in week 39.
Total impacted individuals via the events of the week
There were a total of 899,883 impacted individuals across 7 incidents, with the largest breach being the "RansomedVC claim theft of voter data from DC Board of Elections" incident, exposing 600,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| ransomware | 5 |
| third party breach | 3 |
| email account breach | 2 |
| phishing | 1 |
| server misconfiguration | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 4 |
| Finance | 3 |
| IT/Software/Technology | 2 |
| Government | 2 |
| Non-profit/Charity | 1 |
| Construction | 1 |
| Telecommunications | 1 |
| Education | 1 |
| Entertainment/Leisure | 1 |
| Hospitality/Events | 1 |
Read the Event Details of the Week
Vulnerabilities
- critical vulnerability | Arm fixes Mali GPU driver flaw that was exploited by spyware
- critical vulnerability | Supermicro Management Controllers expose servers to XSS exploits
- critical vulnerability | Cisco Emergency Responder issues patch to clean up hardcoded credentials
- data breach | Apple releases another patch for iOS 17, fixes several exploited issues
- critical vulnerability | Atlassian Confluence Server critical flaw exploited by hackers
- critical vulnerability | Glibc bug present in all Linux Distributions: not great, not terrible
- critical vulnerability | AI servers vulnerable to code execution via TorchServe vulnerabilities
- critical vulnerability | Qualcomm chip flaws put billions of mobile phones at risk, vendors advised to patch
Incidents
- data breach | WhatsApp accounts of Hong Kong schools and service hacked
- data breach | Melbourne Royal Women’s Hospital leaks data of 200 patients
- data breach | European Telecommunications Standards Institute reports data breach
- data breach | Mullvad VPN claims that leaked accounts are not a data leak
- data breach | Vi Living reports data breach, exposes data of 61k residents
- data breach | API Financial Solutions reports data breach, exposes 71,000 people
- data breach | Emerald Financial Services reports MOVEit related data breach
- data breach | Greater Dallas Healthcare Enterprises reports Data Breach exposing patient data
- data breach | RansomedVC claim theft of voter data from DC Board of Elections
- data breach | Arietis Health reports MOVEit related data breach
- data breach | Hackers are selling the data stolen from DNA testing Company 23andMe
- data breach | Lyca Mobile services impacted by cyberattack
- data breach | Sony reports MOVEit related data breach
- data breach | Lorenz crime group leaks their own user data through a website flaw
- data breach | Cornerstone Home Lending reports data breach
- ransomware | Rock County, Wisconsin reports ransomware attack on health department
- ransomware | Hackers claim hack on Network Pacific Real Estate, leak 30GB of data
- ransomware | LockBit ransomware group claims responsibility for CDW breach
- ransomware | Fauquier school district suffers ransomware attack, remains operational