State of (in)security - Week 5, 2024
Take action: Make sure to off-board user accounts and shut down legacy systems - because nobody takes care of them except hackers who can abuse them.
In the week between Jan. 29, 2024, midnight and Feb. 5, 2024, midnight we witnessed a total of:
- 6 advisory/vulnerability events
- 29 incident/data breach events
Week-over-week comparison of week 4, 2024 vs. week 5, 2024: things are slightly better.
- Advisories and incidents are at the same overall level. Advisories have dropped from 8 in week 4 to 6 in week 5 and incidents have increased from 24 in week 4 to 29 in week 5.
- The number of known impacted individuals is back to a 'normal' level of 1.8 million, down from the massive 76 million in the previous week.
We also shared 1 practical knowledge item.
Total impacted individuals via the events of the week
There were a total of 1,854,251 impacted individuals across 6 incidents. The largest breach was the "Keenan & Associates reports data breach of 1.5 million people" incident, which exposed 1,500,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| ransomware | 6 |
| unpatched software vulnerability | 3 |
| leaked cloud credentials | 3 |
| third party breach | 2 |
| offboarding error | 1 |
| human error | 1 |
| email account breach | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Government | 5 |
| Insurance | 4 |
| IT/Software/Technology | 3 |
| Healthcare | 3 |
| Education | 3 |
| Finance | 2 |
| Manufacturing | 2 |
| Food and Beverage | 1 |
| Construction | 1 |
| Consulting/Professional Services | 1 |
| Entertainment/Leisure | 1 |
| Automotive | 1 |
Read the Event Details of the Week
Knowledge
- active attack | Apple iOS and macOS vulnerability from 2022 actively exploited
Vulnerabilities
- critical vulnerability | Rockwell Automation reports another critical issue in FactoryTalk Service Platform
- critical vulnerability | Ivanti reports another set of actively exploited vulnerabilities
- critical vulnerability | Emerson fixes critical issues in Rosemount Gas Chromatograph
- critical vulnerability | GNU C Library flaw allows local attackers to gain root access on Linux distros
- critical vulnerability | 'Leaky Vessels' flaws in multiple container engines expose host OS access
- critical vulnerability | Mastodon platform reports critical vulnerability, admins advised to patch
Incidents
- critical vulnerability | Source code of Mercedes-Benz exposed via leaked GitHub token
- cyber attack | Fulton County cyberattack causing government systems shutdown
- data breach | GC Services reports data breach
- data breach | Bankers Life and Casualty Company reports data breach
- data breach | Mexican journalists' data exposed in government server leak
- data breach | Lafayette Life reports third party data breach
- data breach | Canada Department of Global Affairs reports cyber attack and data breach
- data breach | Second data breach claim on Hewlett Packard Enterprise in one month
- data breach | Football Australia reports data leak exposing players and fan data
- data breach | Elite Supplements reports data breach
- data breach | Cloudflare reports cyberattack attempt on its network
- data breach | Timex reports breach that exposes employee data
- data breach | TRISTAR Insurance Group reports data breach impacting customers
- data breach | UK union email leaks data of police staff
- data breach | Parents report Class Charts data leak
- data breach | Physicians to Women reports cybersecurity incident, data breach
- data breach | Encore Bank reports data breach caused by compromised employee email
- data breach | Keenan & Associates reports data breach of 1.5 million people
- data breach | Multiple UK local government councils hit by service provider breach
- data breach | AlphaTeam claims hack on CasaSpeciale, offers data for sale
- ransomware | Freehold Township school district shuts down after cyberattack
- ransomware | Planet Home Lending reports data breach exposing 200k people
- ransomware | Schneider Electric targeted by Cactus ransomware gang
- ransomware | Reykjavík University fell victim to ransom gang cyberattack
- ransomware | ALPHV/Blackcat ransomware gang claims attack on Technica Corp and stolen FBI documents
- ransomware | LockBit claims Manchester Fertility as victim
- ransomware | AnyDesk reports production systems breach
- ransomware | Albania Institute of Statistics (INSTAT) breached, attack claimed by Iran-linked group
- ransomware | Lurie pediatric hospital in Chicago has systems down after cyberattack