What total events were witnessed in the week between Dec. 25, 2023, and Jan. 1, 2024?

During this period, there were a total of 3 advisory/vulnerability events and 26 incident/data breach events.

How does the week 52 of 2023 compare to week 51 in terms of advisories and incidents?

Week 52 saw a decrease in advisories and incidents compared to week 51. Advisories went down from 9 to 3, and incidents decreased from 29 to 26.

What was the total number of impacted individuals in week 52 of 2023?

There were 21,082,128 impacted individuals in week 52, with the largest breach at Snap Food, Iran's largest food delivery app, affecting 20,000,000 individuals.

What were the main causes of incidents in the week of Dec. 25, 2023, to Jan. 1, 2024?

The main causes were ransomware (10 incidents), third party breach (3 incidents), database configuration errors (2 incidents), and email account breach (1 incident).

Which industries were most affected by incidents in the last week of 2023?

The most affected industries were Government (5 incidents), Healthcare (4 incidents), IT/Software/Technology (4 incidents), Food and Beverage (3 incidents), and Entertainment/Leisure (2 incidents).

Knowledge

State of (in)security - Week 52, 2023

published: Jan. 1, 2024

Take action: Security of API tokens and code are important even when developing games. Because they can be used to deploy malware to your players. In 2024, accept one less compromise when pushing for security discipline, penetration tests and patching.

Learn More

In the week between Dec. 25, 2023, midnight and Jan. 1, 2024, midnight we witnessed a total of:

3 advisory/vulnerability events
26 incident/data breach events

Week over Week comparison of week 52 vs week 51 is less bad.

We also shared 2 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 21,082,128 impacted individuals across 3 incidents, with the largest breach being the Snap Food, Iran's largest food delivery app hit by cyberattack incident exposing 20,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
ransomware	10
third party breach	3
database configuration error, exposed w/o password online	2
email account breach	1

Industry breakdown of incidents

Industry	Number of incidents
Government	5
Healthcare	4
IT/Software/Technology	4
Food and Beverage	3
Entertainment/Leisure	2
Energy	1
Pharmaceuticals	1
Automotive	1
Transport/Logistics	1
Aviation	1
Construction	1
Consulting/Professional Services	1
Defence	1

Read the Event Details of the Week

Knowledge

awareness | 2024 New year resolution for security - One less concession
active attack | Steam game mod "Downfall" breached, pushed password-stealing malware

Vulnerabilities

critical vulnerability | Barracuda patches ESG vulnerability actively exploited by hackers
critical vulnerability | Google patches flaws in their Kubernetes Engine that can be chained for cluster takeover
critical vulnerability | Apache OfBiz ERP System critical flaw reported

Incidents

critical vulnerability | Assembly of the Republic of Albania and telecom One Albania hit by cyber attacks
data breach | Corewell Health reports second third party data breach in the span of one month
data breach | National Amusements group reports cyberattack exposing 82k individuals
data breach | European largest parking operator hit by cyber attack, customer data breached
data breach | Libraries managed by Woolhara Council hit by cyberattack, potential data breach
data breach | TuneFab leaks 151 million records of users
data breach | Snap Food, Iran's largest food delivery app hit by cyberattack
data breach | Real Estate Wealth Network data leaks 1.5B records
data breach | Anonymous Central hacker group attacks Ukrainian Water Transport
data breach | Financial Risk Mitigation reports data breach, exposing consumer data
data breach | Tarrytown Expocare reports potential data breach
data breach | Integris Health reports data breach, patient data exposed
data breach | GTA 5 full source code leaked to the public
data breach | Yakult Australia reports cyber attack and data leak
data breach | CHI Memorial reports possible data breach
data breach | Panasonic Avionics reports data breach one year after cyberattack
data breach | INC RANSOM gang claims attack on Xerox Corp
ransomware | Cullman County revenue office hit by ransomware, prevents property tax payments
ransomware | National Insurance Board of Trinidad and Tobago shuts down systems due to ransomware
ransomware | Eagers Automotive car dealerships halts it's stock trading after cyberattack
ransomware | Serbia public energy company EPS possibly hit by Qilin ransom gang
ransomware | BlackBasta crime gang claims attack on American Alarm and Communications
ransomware | Ohio Lottery impacted by cyberattack, disconnects systems
ransomware | Lockbit gang hits German hosptials' emergency care
ransomware | BlackCat ransomware gang claims attack on Ultra Intelligence and Communications
ransomware | Snatch ransomware gang glaims attack on Tyson Foods

Read More
State of (in)security - Week 33, 2024
State of (in)security - Week 29
State of (in)security - Week 38, 2025
State of (in)security - Week 27, 2025
State of (in)security - Week 25, 2024