What cybersecurity events occurred between February 26, 2024, and March 4, 2024?

During this period, there were 7 advisory/vulnerability events and 22 incident/data breach events. The number of known impacted individuals is nearly 20 million, with the largest breach being the CutOut.Pro AI Tool incident exposing 19,972,829 individuals.

How did the events of week 9 2024 compare to week 8 2024?

Week over Week comparison for week 9 2024 vs week 8 2024 shows all the same trends. Advisories reduced by only 1 compared to the previous week, and incidents decreased from 28 to 22.

What was the largest data breach reported in this period?

The largest breach reported was the CutOut.Pro AI Tool incident, which exposed 19,972,829 user records. Users of this tool should reset their passwords.

What were the main causes of the incidents reported in this period?

The main causes of the incidents included Malware, Ransomware and Related Attacks (8 incidents), Unauthorized access (2 incidents), Social Engineering and Phishing (1 incident), System Misconfiguration Exploits (1 incident), and Third Party Compromise (1 incident).

Which industries were most affected by the incidents reported in this period?

The most affected industries were Healthcare (5 incidents), IT/Software/Technology (3 incidents), Transport/Logistics (2 incidents), among others including Consulting/Professional Services, Non-profit/Charity, Pharmaceuticals, Retail, Telecommunications, Manufacturing, Entertainment/Leisure, and Hospitality/Events.

What was a significant knowledge item shared during this period?

A significant knowledge item shared was about an active attack where the Lazarus hacker group exploits a Windows component to gain maximum privileges, with a recommendation to patch ASAP.

Knowledge

State of (in)security - Week 9, 2024

published: March 4, 2024

Take action: This week we learn that not everything needs to be connected and exposed to the internet. A lot of devices will work very happily and be much less prone to attacks if you just take several days to plan out your network and isolate the devices and systems in a trusted network not visible from the internet.

Learn More

In the week between Feb. 26, 2024, midnight and March 4, 2024, midnight we witnessed a total of:

7 advisory/vulnerability events
22 incident/data breach events

Week over Week comparison of week 9 2024 vs week 8 2024 is: all the same.

We also shared 1 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 20,481,887 impacted individuals across 4 incidents, with the largest breach being the CutOut.Pro AI Tool 20 million user records breached, users should reset passwords incident exposing 19,972,829 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	8
Unauthorized access	2
Social Engineering and Phishing	1
System Misconfiguration Exploits	1
Third Party Compromise	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	5
IT/Software/Technology	3
Transport/Logistics	2
Consulting/Professional Services	1
Non-profit/Charity	1
Pharmaceuticals	1
Retail	1
Telecommunications	1
Manufacturing	1
Entertainment/Leisure	1
Hospitality/Events	1

Read the Event Details of the Week

Knowledge

active attack | Lazarus hacker group exploits Windows component to gain maximum privileges, patch ASAP

Vulnerabilities

critical vulnerability | Critical SQL injection vulnerability in 'Ultimate Member' WordPress Plugin
critical vulnerability | Kyocera urges customers to patch critical issue in Kyocera Net Manager
critical vulnerability | LiteSpeed Cache plugin has XSS vulnerability, 4M WordPress Sites exposed
critical vulnerability | Over 150 models of Lexmark printers have critical flaws
critical vulnerability | Avada WordPress theme fixes arbitrary file upload flaw
critical vulnerability | Aruba Networks patches multiple vulnerabilities in ClearPass Policy Manager, including one critical
critical vulnerability | Critical vulnerability reported in Apache Archiva, replace it ASAP

Incidents

critical vulnerability | Anycubic 3D printers hacked to warn of a security flaw
data breach | Intercept Pharmaceuticals reports data breach
data breach | Rotech reports MOVEit related data breach impacting vendor Philips Respironics
data breach | medQ reports data encryption incident and data breach
data breach | UW Health reports data breach caused by hacking employee's email
data breach | YX International leaks SMS 2FA codes of major cloud platforms
data breach | Southeast Vermont Transit reports data breach
data breach | Spokane Regional Health District reports data breach, potentially exposing 1000 people
data breach | Wal-Mart Spark Driver platform reports data breach after unauthorized access
data breach | Cencora pharmaceutical reports cyberattack and data breach
data breach | Aspen Dental reports data breach after ransomware attack
data breach | The Egyptian Health Department in Illinois reports data breach
data breach | Mogilevich hacking group claims attack on Epic Games, claim is denied by Epic
data breach | Taiwan's Chunghwa Telecom and government investigate potential massive data breach
data breach | CutOut.Pro AI Tool 20 million user records breached, users should reset passwords
data breach | Conrade Insurance reports data breach
data breach | Law firm Houser LLP reports data breach exposing over 325k people
data breach | Golden Corral restaurant chain reports massive data breach
ransomware | Hessen Consumer Center hit by ransomware attack
ransomware | Mogilevich ransomware gang boasts cyberattack on Bazaarvoice
ransomware | Thyssenkrupp reports ransomware attack, shuts down some systems
ransomware | Gilroy Gardens theme park hit by ransomware, shuts down systems

Read More
Time for change: privacy ignoring data brokers sell …
State of (in)security - Week 28, 2025
Binarly warns of vulnerability allowing hackers with physical …
State of (in)security - Week 4, 2024
State of (in)security - Week 37, 2025