Tag Archives: top 2024 breaches

April 2024 Data Breach Round Up


In April 2024, numerous cybersecurity incidents occurred, mirroring previous occurrences. These incidents, yet again, serve as a reminder of the ongoing threat landscape that organizations across various sectors face. From retail giants to healthcare conglomerates, no entity appears to be immune to the ever-changing tactics employed by malicious actors in the digital sphere.

Let’s explore these breaches in detail, uncovering the stories that underscore the critical need for continuous monitoring and proactive risk management strategies in today’s interconnected world.


  1. Giant Tiger

    Giant Tiger, a prominent Canadian discount retailer, suffered a data breach that affected approximately 2.8 million of its customers. This breach came to light when an anonymous hacker posted the stolen data, including email addresses, names, phone numbers, and physical addresses, on a cybercrime forum. The breach data has since been added to the HaveIBeenPwned website, enabling users to check if their information has been compromised. The source of the breach was traced to a third-party vendor responsible for handling Giant Tiger’s customer interactions and communications. Although the leak did not include payment details or passwords, it poses a significant risk of phishing and identity theft. Giant Tiger has informed all affected customers and is actively managing the fallout from the disclosure.

  2. Home Depot

    On April 8, Home Depot confirmed a data breach involving a third-party SaaS vendor, which accidentally exposed names, work email addresses, and user IDs of some employees during system tests. This breach was disclosed after threat actor IntelBroker leaked data about 10,000 employees on a hacking forum. Security experts stress the importance of robust third-party risk management and the need for uniform security protocols across business ecosystems to mitigate such breaches, which could lead to targeted phishing attacks and further security compromises.

  3. Roku

    In a recent statement, Roku disclosed that its security systems detected unauthorized access to approximately 15,000 user accounts earlier this year through credential stuffing—using stolen login details from other sources. Despite these intrusions, Roku confirmed there was no compromise within their systems. A second incident involved around 576,000 accounts, but again, no sensitive information or full payment details were accessed. In response, Roku has reset passwords for affected accounts, implemented refunds for unauthorized transactions, and introduced two-factor authentication for all accounts to enhance security. Roku urges customers to create strong, unique passwords and remain vigilant against suspicious communications to further protect their accounts.

  4. Nexperia

    On April 12, 2024, Nexperia announced that an unauthorized party had accessed certain IT servers in March. The company quickly isolated the compromised systems and cut off internet access to contain the breach. With the help of cybersecurity firm FoxIT, Nexperia is actively investigating the breach’s scope and has taken significant steps to terminate the unauthorized access. The incident has been reported to the relevant authorities, including the ‘Autoriteit Persoonsgegevens’ and the police, who are being updated on the investigation’s progress. Due to the ongoing investigation, Nexperia has stated that further details cannot be disclosed at this time. Nexperia, headquartered in the Netherlands, is a leading global semiconductor company, noted for its significant contributions to electronic components across various industries.

  5. MITRE

    On April 19, 2024, MITRE acknowledged a cybersecurity breach within its Networked Experimentation, Research, and Virtualization Environment (NERVE), a platform used for collaborative research and development. Despite robust security measures, a foreign nation-state was identified as the perpetrator of this breach. Immediate steps were taken to contain the breach by disconnecting the NERVE environment and launching a comprehensive investigation with both in-house and external cybersecurity experts. MITRE has informed the relevant authorities and those affected, and is working on secure alternatives for collaboration. Jason Providakes, president and CEO of MITRE, emphasized the organization’s commitment to transparency and the advancement of cybersecurity practices across the industry. MITRE, known for its contributions to cybersecurity standards and tools, continues to share insights gained from this incident to aid the broader security community.

  6. Kaiser

    Kaiser, a prominent U.S. health conglomerate, is informing millions of current and former members about a data breach that occurred when the company inadvertently shared patients’ data with third-party advertisers, including tech giants like Google and Microsoft. The breach was identified after an investigation revealed that certain online technologies used by Kaiser transmitted personal information to external vendors. The compromised data includes member names, IP addresses, and details indicating usage of Kaiser’s services and websites. Kaiser promptly removed the tracking code from its platforms. This incident underscores a concerning trend in the healthcare sector, where online tracking codes have been used to share sensitive patient information with advertisers. Kaiser plans to notify approximately 13.4 million affected individuals and has fulfilled legal requirements by reporting the breach to relevant authorities. This breach marks one of the largest health-related data breaches of 2024, as listed by the U.S. Department of Health and Human Services.

  7. FBI Warning

    On April 12, the FBI issued a warning regarding a significant surge in SMS phishing attacks aimed at Americans concerning unpaid road toll fees. Beginning last month, thousands of individuals reported being targeted by scammers. The FBI’s Internet Crime Complaint Center received over 2,000 complaints since early March, indicating a widespread campaign across at least three states. The malicious texts claim recipients owe money for outstanding tolls, with identical language across reports. The phishing messages contain hyperlinks impersonating state toll services, with phone numbers varying between states. Although the FBI did not mention E-ZPass in their warning, it’s noted that the scam also targets E-ZPass customers. The FBI advises recipients to report the scam, avoid clicking links, verify their accounts through legitimate websites, contact customer service, delete any phishing texts, and take measures to secure personal and financial information if they’ve interacted with the messages.
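As an added illustration of the credential-stuffing pattern described in the Roku item above (example code written for this page, not Roku's own tooling), the following Python script scans a constructed authentication log and flags source addresses that try many distinct accounts in a short window, then lists the accounts that were actually logged into so they can be reset. The log format, the thresholds and the sample addresses are assumptions made for the example; a plain single-account brute force is deliberately included so the reader can see that it is not what this rule catches.

```python
"""Detect credential stuffing in authentication logs (added example, not from the original post)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log in an assumed "timestamp source_ip username result" format.
# 203.0.113.7 tries six different accounts in five seconds (stuffing, one success);
# 198.51.100.2 hammers a single account (brute force, not stuffing);
# 192.0.2.9 is a normal login.
SAMPLE_LOG = """\
2024-03-01T10:00:01Z 203.0.113.7 alice FAIL
2024-03-01T10:00:02Z 203.0.113.7 bob FAIL
2024-03-01T10:00:02Z 203.0.113.7 carol FAIL
2024-03-01T10:00:03Z 203.0.113.7 dave SUCCESS
2024-03-01T10:00:04Z 203.0.113.7 erin FAIL
2024-03-01T10:00:05Z 203.0.113.7 frank FAIL
2024-03-01T10:00:30Z 198.51.100.2 alice FAIL
2024-03-01T10:00:45Z 198.51.100.2 alice FAIL
2024-03-01T10:01:10Z 198.51.100.2 alice SUCCESS
2024-03-01T10:05:00Z 192.0.2.9 grace SUCCESS
"""


def parse_line(line):
    """Split one assumed-format log line into (timestamp, ip, user, result)."""
    ts, ip, user, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result


def detect_stuffing(log_text, window=timedelta(minutes=5),
                    min_attempts=5, min_distinct_users=4):
    """Return {ip: summary} for sources whose attempts in any `window`
    cover at least `min_attempts` logins against `min_distinct_users`
    different accounts. Distinct usernames are the discriminator: a
    stuffing list yields one attempt per account, a brute force does not."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, ip, user, result = parse_line(line)
            by_ip[ip].append((ts, user, result))

    alerts = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            in_window = events[start:end + 1]
            users = {u for _, u, _ in in_window}
            if len(in_window) >= min_attempts and len(users) >= min_distinct_users:
                alerts[ip] = {
                    "attempts": len(in_window),
                    "distinct_users": len(users),
                    # Accounts the attacker got into: candidates for a forced reset.
                    "successes": sorted({u for _, u, r in in_window if r == "SUCCESS"}),
                }
    return alerts


def accounts_to_reset(log_text):
    """Union of successfully accessed accounts across all flagged sources."""
    hit = set()
    for summary in detect_stuffing(log_text).values():
        hit.update(summary["successes"])
    return sorted(hit)


if __name__ == "__main__":
    for ip, summary in detect_stuffing(SAMPLE_LOG).items():
        print(f"{ip}: {summary['attempts']} attempts across "
              f"{summary['distinct_users']} accounts, logged into {summary['successes']}")
    print("reset:", accounts_to_reset(SAMPLE_LOG))
```

On the sample data only 203.0.113.7 is flagged, and `dave` is the one account to reset. The brute-force source against `alice` is left for a different rule (failures per account), which is the same split Roku's response reflects: resetting the accounts that were actually entered and adding a second factor so that reused passwords alone no longer grant access.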


As April comes to a close, these data breaches serve as powerful reminders of the urgent need to strengthen our systems. Each breach brings new insights, pushing everyone involved to take a hard look at their security measures, beef up their defenses, and stay sharp against emerging threats.


In our quest for cyber resilience, teamwork and sharing what we know are key. By working together and staying committed to protecting our digital world, we can tackle the challenges of cyberspace head-on, with confidence and resolve.


March 2024 Data Breach Round Up


A few months into 2024, and data breaches are on the rise. This surge highlights the need for improved security measures and greater awareness. These instances of unauthorized access to confidential data expose vulnerabilities in our interconnected systems. A deeper look into these breaches uncovers broader cybersecurity issues that necessitate immediate, coordinated efforts for digital information protection. In a time when data breaches are becoming more advanced, traditional security measures are no longer adequate.

This is where comprehensive security assessments and compliance become invaluable. Evaluating your company’s security posture and aligning it with industry standards can help identify vulnerabilities before exploitation. Compliance isn’t just about ticking boxes—it’s about creating a robust framework that bolsters security measures and instills trust in clients.

However, the real game-changer in the fight against cyber threats is the integration of AI into your security strategies. AI can analyze vast amounts of data at an unprecedented speed, identifying potential threats and anomalies that might go unnoticed by human eyes. It can also predict potential vulnerabilities, allowing companies to fortify their defenses proactively.

Let’s jump into the data breaches that shook the industry in March 2024, a stark reminder of the ever-evolving challenge of maintaining digital security.

AT&T

AT&T has initiated a mass reset of customer account passcodes following a leak that exposed millions of records online, including sensitive information such as names, addresses, and Social Security numbers. The leaked data, dating back to 2019 or earlier, affects about 7.6 million current and 65.4 million former AT&T account holders. Despite the leak, AT&T has stated there’s no evidence of unauthorized system access. The leaked records included encrypted passcodes that were easily decryptable; the leak was first identified when a security researcher shared their findings with TechCrunch. AT&T is contacting affected current and former customers to inform them about the breach and the steps being taken to secure their accounts.

Fujitsu

Fujitsu, a leading global IT services provider, recently announced a significant security breach where malware infected its systems, leading to the theft of customer data. The company, ranking as the sixth largest in its sector with a workforce of 124,000 and revenues of $23.9 billion, plays a pivotal role in technology, offering a wide array of products and services, including cloud solutions and IT consulting. The breach, affecting systems holding sensitive customer information, prompted immediate action from Fujitsu to isolate infected computers and enhance monitoring. Despite no reports of the data’s misuse, Fujitsu has notified relevant authorities and is in the process of alerting affected customers. This incident follows a 2021 security breach involving Fujitsu’s ProjectWEB tool, which compromised government agencies and led to significant data theft, underscoring ongoing cybersecurity challenges.

MarineMax

MarineMax, a leading yacht retailer, reported a cyberattack in March, revealing that hackers, identified as the Rhysida ransomware gang, compromised its systems and stole data including employee and customer personal information. Despite initial claims of not storing sensitive data on the breached systems, a subsequent investigation uncovered that the cybercrime group accessed and extracted data, which is now being offered for sale on the dark web for 15 Bitcoin (over $1 million). MarineMax, with operations spanning 130 locations globally and reporting $2.39 billion in revenue last year, has engaged external cybersecurity experts to mitigate the breach’s impact, notified law enforcement, and is in the process of notifying affected individuals and regulatory bodies. The Rhysida gang, known for its ransomware-as-a-service operations since May 2023, has targeted various organizations, including the British Library and healthcare entities, marking this incident as part of a broader pattern of cyberattacks by the group.

PandaBuy

PandaBuy, an online shopping platform facilitating purchases from Chinese e-commerce sites, experienced a data breach affecting over 1.3 million users. The breach, executed by threat actors ‘Sanggiero’ and ‘IntelBroker’ through exploiting critical API vulnerabilities, exposed comprehensive user data including names, contact details, order information, and addresses. The compromised data was offered on a forum for a nominal cryptocurrency fee, with a sample provided to validate its authenticity. Despite attempts to downplay the incident, evidenced by moderated discussions on Discord and Reddit, the breach’s reality was confirmed by data breach aggregator Have I Been Pwned (HIBP), which advised impacted users to change their passwords and be cautious of potential scams. PandaBuy has yet to officially address the breach publicly, as concerns over user privacy and platform security escalate.

France Travail

France Travail, the national unemployment agency in France, has reported a significant data breach affecting approximately 43 million individuals, stemming from a cyberattack between February 6 and March 5. The agency, which aids in job placement and financial support, acknowledged that personal details of job seekers over the past two decades, including sensitive information like social security numbers and contact details, were compromised. While bank details and passwords remain unaffected, the exposed data raises serious concerns for identity theft and phishing risks. France Travail has notified the National Commission of Informatique and Liberties (CNIL) and is advising those potentially impacted to exercise caution with their communications. This incident, surpassing the scale of previous breaches including a 10 million person breach last August and the recent Viamedis and Almerys breach, marks a record for cybersecurity incidents in France.

Prioritizing Compliance & Cybersecurity in the Wake of Rising Data Breaches:

Digital security is a complex tapestry, with challenges increasing in both frequency and severity. This complexity calls for action. We must strengthen our defenses, both as organizations and individuals. At Findings we understand the pivotal role of security assessments, compliance, and AI in safeguarding your digital assets. Our suite of services is designed to provide a comprehensive security solution that not only helps prevent data breaches but also ensures that your company is equipped to handle any cyber threats that come its way. From detailed security assessments that highlight your strengths and weaknesses to AI-driven insights that keep you one step ahead of cybercriminals, we are your partner in establishing a resilient and compliant security posture.

As we reflect on the lessons from the top breaches in March 2024, let us use them as a stepping stone towards a more secure and trustworthy digital future.
