October 2024 Sees Multiple Significant Cybersecurity Breaches
Quick take - In October 2024, the cybersecurity landscape experienced significant breaches and cyberattacks across various sectors, including finance, technology, and healthcare, with notable incidents involving major organizations such as Interbank, Free, Change Healthcare, and Cisco Systems, revealing vulnerabilities and compromising sensitive data for millions of individuals.
Fast Facts
- October 2024 saw significant cybersecurity breaches across various sectors, including finance, technology, and healthcare, with notable incidents affecting millions of individuals.
- Interbank in Peru experienced a data breach compromising sensitive information of over 3 million customers, linked to a hacker known as “kzoldyck.”
- Free, a French ISP, reported a breach affecting over 19 million subscribers, with exposed IBANs raising privacy concerns and a ransom demand of over $70,000.
- Change Healthcare suffered a ransomware attack attributed to the BlackCat group, compromising personal and healthcare information of over 100 million individuals, leading to a financial impact of approximately $2.45 billion.
- Other notable incidents included breaches at Cisco Systems, Game Freak, and the Internet Archive, highlighting vulnerabilities across multiple sectors and the persistent threat of cybercriminals.
October 2024 Cybersecurity Breaches
In October 2024, the cybersecurity landscape was marked by a series of significant breaches and cyberattacks affecting various sectors, including finance, technology, and critical infrastructure.
Major Breaches in Finance and Healthcare
Among the most notable incidents was a data breach at Interbank, a major financial institution in Peru. This breach compromised sensitive information of over 3 million customers. The attack was linked to a hacker known by the alias “kzoldyck.” Parts of the stolen data were subsequently leaked on hacking forums, including customer names, account IDs, addresses, phone numbers, email addresses, and critical financial details such as credit card numbers and CVVs.
In a similar vein, Free, a French internet service provider, reported a breach that affected over 19 million subscribers. The attacker exploited vulnerabilities in Free’s internal management system. Personal information was compromised, although passwords, bank card details, and communications were claimed to remain secure. Exposed IBANs raised significant privacy concerns, and the attacker demanded a ransom of over $70,000 to prevent further data leaks.
The healthcare sector was also deeply impacted by a ransomware attack on Change Healthcare, a subsidiary of UnitedHealth. This attack occurred in February 2024 and compromised the personal and healthcare information of over 100 million individuals. The attack was attributed to the BlackCat (ALPHV) ransomware group. Despite UnitedHealth paying an initial ransom of $22 million, data leaks persisted following a second extortion attempt, leading to a financial impact of approximately $2.45 billion by Q3 2024.
Cyberattacks in Technology and Gaming
In the technology sector, Cisco Systems faced a security breach involving its DevHub environment. Admin IntelBroker claimed access to sensitive materials, including source code and API tokens. Cisco confirmed that the exposed data came from its public-facing portal but assured that its core systems remained secure.
The gaming industry was not exempt from these cyber threats. Game Freak, known for developing the Pokémon series, confirmed a cyberattack in August 2024 that compromised the personal data of 2,606 employees. Sensitive game information, including source code for previous Pokémon titles, was stolen. Additionally, Casio reported a ransomware attack in early October 2024, affecting sensitive data related to employees, job applicants, customers, and business partners. The attack was attributed to the Underground ransomware group, although credit card information was reportedly not compromised.
Other Notable Incidents
The Internet Archive experienced a major breach that compromised personal information for 31 million users, including email addresses and hashed passwords. The incident was traced back to an exposed GitLab configuration file, allowing unauthorized access to API keys and source code. Following this breach, the Internet Archive faced DDoS attacks from the hacktivist group BlackMeta, disrupting access to its services.
Moreover, LEGO’s official website was breached on October 5, 2024, resulting in fraudulent advertisements for a non-existent cryptocurrency called “LEGO Coin.” Fortunately, LEGO confirmed that no user accounts or sensitive customer data were compromised during this incident.
In another significant incident, American Water, a major U.S. water utility, suffered a cyberattack that led to the shutdown of several systems, including its online customer portal. Meanwhile, Financial Business and Consumer Solutions (FBCS) reported a data breach in February 2024 that affected over 4 million individuals, including clients like Comcast and Truist Bank. Sensitive data such as names, addresses, Social Security numbers, and medical information were exposed, increasing the risk of identity theft.
Lastly, Cloudflare successfully mitigated a record-breaking DDoS attack that peaked at 3.8 Tbps, targeting clients across the finance, internet, and telecom sectors. A vulnerability in ASUS routers was exploited, impacting over 157,000 devices across various regions.
As these incidents illustrate, October 2024 was a turbulent month for cybersecurity, underscoring the vulnerabilities present across multiple sectors and highlighting the ongoing threats posed by cybercriminals.