How many advisory/vulnerability events occurred in the week of Oct. 30, 2023 to Nov. 6, 2023?

There were a total of 6 advisory/vulnerability events.

How many incident/data breach events were there in the same week?

There were 22 incident/data breach events reported.

What was the week-over-week comparison of incidents for week 44 of 2023?

Week 44 of 2023 saw an improvement with 6 advisories compared to 7 the previous week, and 22 incidents versus 24 in the previous week. However, it was alarming due to the record breaking data breach incident affecting over 815 million individuals.

What was the total number of individuals impacted by data breaches in that week?

A total of 815,824,025 individuals were impacted across 8 incidents, with the largest breach exposing the data of 815 million citizens of India.

What were the main causes of incidents during that week?

The main causes of incidents were ransomware (9 incidents), third party breach (5 incidents), email account breach (2 incidents), database configuration error (1 incident), and SQL injection (1 incident).

Which industries were most affected by the incidents?

The industries most affected were Healthcare, IT/Software/Technology, and Finance, each with 4 incidents, followed by Manufacturing and Government with 2 each, and several other industries experiencing 1 incident.

What were some of the key vulnerabilities and attacks reported during the week?

Key reports included active exploitation of F5 BIG-IP Vulnerabilities and Apache ActiveMQ Vulnerability, as well as critical vulnerabilities in Confluence, phpFox, ME RTU devices, Weintek EasyBuilder Pro, Cisco Firepower Management Center, and Remote Desktop Manager.

Can you provide details on some of the data breaches and ransomware attacks that occurred?

Notable data breaches included those affecting the Toronto Public Library, LastPass, Ace Hardware, and various healthcare groups. Ransomware attacks were claimed by groups such as Play, which targeted Dallas County, and other attacks affected American Airlines Pilots Union and Ontario hospitals.

Knowledge

State of (in)security - Week 44, 2023

published: Nov. 6, 2023

Take action: When you are handed huge amounts of data of individuals, you are handed huge responsibility. It's not easy to secure such a data set, so communicate risks and be pessimistic. Because we saw from the lastpass breach that if someone sees value in breaching your data, they will invest a lot of time and money.

Learn More

In the week between Oct. 30, 2023, midnight and Nov. 6, 2023, midnight we witnessed a total of:

6 advisory/vulnerability events
22 incident/data breach events

Week over Week comparison of week 44 vs week 44 is - terrifying:

We also shared 2 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 815,824,025 impacted individuals across 8 incidents, with the largest breach being the The data of 815 million citizens of India for sale via breach of Covid19 data records incident exposing 815,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
ransomware	9
third party breach	5
email account breach	2
database configuration error, exposed w/o password online	1
sql injection	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	4
IT/Software/Technology	4
Finance	4
Manufacturing	2
Government	2
Telecommunications	1
Consulting/Professional Services	1
Education	1
Retail	1
Aviation	1

Read the Event Details of the Week

Knowledge

active exploit | F5 BIG-IP Vulnerabilities actively exploited by hacker groups
active attack | Apache ActiveMQ Vulnerability actively exploited, HelloKitty Ransomware gang leading the attacks

Vulnerabilities

critical vulnerability | Another critical Confluence vulnerability - patch ASAP
critical vulnerability | phpFox Social Platform fixes critical remote code execution flaw
critical vulnerability | INEA reports critical vulnerability in ME RTU device
critical vulnerability | Weintek EasyBuilder Pro reports critical vulnerability
critical vulnerability | Cisco Issues Critical Advisory on Firepower Management Center
critical vulnerability | Devolutions reports critical flaw in Remote Desktop Manager

Incidents

critical vulnerability | DoJ and DoD email addresses exposed in MOVEit related breach
data breach | Toronto Public Library suffers cyber attack
data breach | The data of 815 million citizens of India for sale via breach of Covid19 data records
data breach | LastPass stolen seed phrases used to steal $4.4 Million in crypto
data breach | Ace Hardware cooperative reports cyberattack, impacting IT systems
data breach | "World in HD" torrent community leaks user data
data breach | LockBit lists Summit Health on their breach site, claims data breach
data breach | RansomEXX publishes Digicel Group data dump
data breach | Western Washington Medical Group reports data breach, exposing patient data
data breach | Resort Data Processing reports data breach
data breach | Drug Free Workplaces reports data breach exposing data of 37k people
data breach | North Mississippi Health Services reports MOVEit related data breach
data breach | Piscataqua Savings Bank reports MOVEit related data breach
data breach | Okta reports another data breach, this time exposing employees
data breach | ITW Food Equipment Group reports data breach affecting customers
data breach | Strike reports data leak of customer emails after initially denying any issues
data breach | Hilb Group insurance brokers report data breach exposing 81k
data breach | Mortgage giant Mr. Cooper reports cyberattack as cause for outage
ransomware | Crime group Play claims they have hacked Dallas County
ransomware | American Airlines Pilots Union reports ransomware attack
ransomware | Ontario hospitals attacked by ransomware, patient and employee data exposed
ransomware | Shimano targeted by ransomware attack

Read More
State of (in)security - Week 47, 2024
Binarly warns of vulnerability allowing hackers with physical …
Thousands of SonicWall firewalls have an unpatched management …
Details of hacking campaign stelathy techniques targeting military …
State of (in)security - Week 25, 2024