State of (in)security - Week 45, 2023
Take action: Quality assurance, code review and testing are important for all software. This is confirmed even by criminals who lost their stolen digital funds to bugs in their theft code.
In the week between Nov. 6, 2023, midnight and Nov. 13, 2023, midnight we witnessed a total of:
- 4 advisory/vulnerability events
- 29 incident/data breach events
Week-over-week comparison of week 45 vs week 44 shows a return to normal:
- Slight increase in incidents, from 22 up to 29, and a decrease in advisories, from 6 down to 4.
- The number of known impacted individuals from data breaches is back to a reasonable (albeit still scary) level of just above 4 million, versus the record-breaking incident with over 815 million in week 44.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 4,002,293 impacted individuals across 10 incidents. The largest breach was the "Maine government reports MOVEit related data breach of multiple departments" incident, which exposed 1,300,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| ransomware | 10 |
| third party breach | 7 |
| human error | 1 |
| leaked cloud credentials | 1 |
| protocol design issue | 1 |
| unpatched software vulnerability | 1 |
| web application change insufficiently tested | 1 |
| DDoS attack | 1 |
| web scraping | 1 |
| employee unauthorized access | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 11 |
| IT/Software/Technology | 4 |
| Government | 3 |
| Retail | 2 |
| Consulting/Professional Services | 2 |
| Finance | 2 |
| Utilities | 1 |
| Education | 1 |
| Hospitality/Events | 1 |
| Manufacturing | 1 |
| Transport/Logistics | 1 |
Read the Event Details of the Week
Knowledge
- data breach | Time for change: privacy ignoring data brokers sell data of US military personnel
- active attack | Critical Confluence Flaw used in live Exploit Attempts and Ransomware attacks
Vulnerabilities
- critical vulnerability | Critical vulnerability in Johnson Controls Frick Quantum HD Unity refrigeration controller
- critical vulnerability | SysAid zero-day flaw exploited by Cl0p hacker gang
- critical vulnerability | Veeam reports critical flaws in Veeam ONE monitoring platform
- critical vulnerability | NAS vendor QNAP warns of critical vulnerabilities in QTS OS
Incidents
- data breach | Scraped Chess.com user records leaked on hacker forum
- data breach | DeFi lending platform Raft stops minting after security breach and theft of over 1500 ETH
- data breach | PriceSmart attacked by AlphV/Black Cat group, 500 GB of data listed on ransom site
- data breach | Singapore Marina Bay Sands reward members data breached, over 650k people exposed
- data breach | Sutter Health reports MOVEit related data breach, exposing 800k patients
- data breach | ZigZag retail shopping app leaks customer data
- data breach | AlohaCare reports MOVEit related data breach, impacts 12k individuals
- data breach | Electric Ireland reports data breach, exposes data of 8,000 customers
- data breach | Perry Johnson & Associates transcription reports data breach
- data breach | York Region District School board reports cyber incident and systems outage
- data breach | Sumo Logic reports potential data breach caused by compromised AWS credentials
- data breach | Greater Rochester Independent Practice Association reports MOVEit related data breach
- data breach | Maine government reports MOVEit related data breach of multiple departments
- data breach | St. Bernards Healthcare reports MOVEit related data breach
- data breach | Australian ports operator DP World impacted by cyberattack, partially shuts down operations
- data breach | Healthcare providers in Singapore impacted by DDoS attack
- data breach | Northwell Health reports data breach through third party vendor
- data breach | UK municipality council exposes employee data in Freedom of Information Act error
- ransomware | Industrial and Commercial Bank of China impacted by ransomware
- ransomware | Kyocera AVX corp reports ransomware attack exposing 39k individuals
- ransomware | Harris Center for Mental Health targeted by ransomware
- ransomware | ShopCourts e-commerce data sold on the dark web
- ransomware | Law giant Allen & Overy impacted by ransomware
- ransomware | Tri-City Healthcare impacted by ransomware, shuts down emergency ops
- ransomware | Cogdell Memorial Hospital impacted by Lorenz ransomware gang
- ransomware | Michael Garron Hospital reports ransomware attack and data breach
- ransomware | Cardiovascular Consultants (CVC Heart) listed on Qilin gang ransomware site
- ransomware | Infosys subsidiary McCamish Systems hit by cyberattack and data breach, possibly by ransomware
- ransomware | Western Isles Council in Scotland reports ransomware attack