How many advisory/vulnerability and incident/data breach events were there in the week between Feb. 19, 2024, and Feb. 26, 2024?

There were 8 advisory/vulnerability events and 28 incident/data breach events during the week.

What was the trend in cybersecurity incidents compared to the previous week?

The week saw an escalation in incidents, with advisories nearly the same from 9 to 8 and incidents increasing from 23 to 28 compared to the previous week.

What were the main causes of incidents reported in the week?

The main causes of incidents were ransomware, database configuration errors, compromised accounts, email account breaches, phishing, human error, social engineering, third-party breaches, unpatched software vulnerabilities, unsecured Data Buckets, and web applications exposing too much data.

Knowledge

State of (in)security - Week 8, 2024

Q: What is the total number of impacted individuals in the week between Feb. 19, 2024, and Feb. 26, 2024?

There were a total of 25,554,606 impacted individuals across 8 incidents during the week.

Q: What was the largest breach in the week between Feb. 19, 2024, and Feb. 26, 2024?

The largest breach was the Researchers claim that LenDenClub P2P lending platform has been hit by data breach incident exposing 22,000,000 individuals.

published: Feb. 26, 2024

Take action: As in all phishing, if it's too good to be true, it's not true. If you have clicked, report immediately to your team. And clean up the secrets in your code. Because someone will be phished.

Learn More

In the week between Feb. 19, 2024, midnight and Feb. 26, 2024, midnight we witnessed a total of:

8 advisory/vulnerability events
28 incident/data breach events

Week over Week comparison of week 8 2024 vs week 7 2024 is: escalating.

We also shared 1 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 25,554,606 impacted individuals across 8 incidents, with the largest breach being the Researchers claim that LenDenClub P2P lending platform has been hit by data breach incident exposing 22,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
ransomware	4
database configuration error, exposed w/o password online	3
compromised account	2
email account breach	2
phishing	1
human error	1
social engineering	1
third party breach	1
unpatched software vulnerability	1
unsecured Data Bucket	1
web application exposing too much data	1

Industry breakdown of incidents

Industry	Number of incidents
	9
	4
	4
	4
	3
	2
	1
	1

Read the Event Details of the Week

Knowledge

active attack | Active GithHub Phishing campaign impersonating GitHub Recruitment

Vulnerabilities

critical vulnerability | Critical issues found in ConnectWise ScreenConnect, patch immediately
critical vulnerability | VMware alerts of Enhanced Authentication Plugin critical vulnerability, urges removal
critical vulnerability | Commend fixes issues in WS203VICM after product end-of-life
critical vulnerability | CISA advises update of Ethercat Zeek Plugin due to critical issues
critical vulnerability | Joomla CMS releases patches for several XSS vulnerabilities
critical vulnerability | CU Solutions Group CMS vulnerabilties expose credit unions
critical vulnerability | Apple Shortcuts vulnerability enables zero-click data theft
critical vulnerability | Progress Kemp LoadMaster has maximum severity critical flaw

Incidents

data breach | Mr. Cooper leaks 2M customer records via unsecured database
data breach | RCMP investigating cyber attack, website down
data breach | Aleo leaks customer KYC data, risks customer privacy
data breach | Jeff Wyler Automotive Family reports data breach exposing customer data
data breach | Phillipine Online Voucher Application leaks data of over 200,000 students
data breach | Onclusive reports 'small data breach' after cyber attack
data breach | BMW confirms data leak through unprotected cloud storage
data breach | Grace Lutheran Communities attacked by AlphV/BlackCat ransomware gang
data breach | Malaysian Digital Ministry reviewing claims of data breach at LPPKN by ROOTK1T
data breach | Finnish Security and Intelligence Service leaks its payroll data to gmail account
data breach | Major breach of surveillance data related to Chinese Ministry Of Public Security published on GitHub
data breach | Spectrum Vision Partners reports data breach impacting patient data
data breach | Tangerine Telecom exposes data of 232k customers in asecurity breach
data breach | Maryville, Inc addiction recovery centers report data breach
data breach | Butler County reports data breach
data breach | CarePro Health reports data breach, over 150k patients impacted
data breach | IntelBroker hacker leaks data of 2.5 million records of private plane owners
data breach | Zenlayer leaks over 380 millon records due to misconfigured cloud database
data breach | U-Haul reports data breach, 67,000 customers impacted
data breach | Researchers claim that LenDenClub P2P lending platform has been hit by data breach
data breach | Newport Group reports third party breach caused by Infosys McCamish Systems
data breach | Two El Al planes report in-flight communication hijack attempt over Somalia
data breach | Lexington Medical Center reports data breach through compromised email account
data breach | R00TK1T claims attack on TNB EV chargers in Malaysia
ransomware | Once again, Wyze camera leaks feed of other users to 13,000 customers
ransomware | City of Oakley, California reports ransomware attack
ransomware | PSI Software SE critical infrastructure vendor reports ransomware attack
ransomware | Change Healthcare reports cyberattack, potential wider impact to hospitals

Read More
State of (in)security - Week 4, 2026
Microsoft Azure environments attacked in coordinated phishing effort
State of (in)security - Week 39, 2025
Snowflake attack research - data breaches are related …
State of (in)security - Week 32, 2023