March 8, 2024

Data Breach Report: March 2024 Edition

PKWARE

February 2024 wasn’t all hearts and flowers in the digital world. While some enjoyed Valentine’s Day bliss, millions faced the chilling reality of data breaches. From healthcare giants to tech titans, no industry was immune. This month saw a wave of cyberattacks exposing sensitive information, highlighting the ongoing need for robust cybersecurity practices.

Let’s delve into some of the most concerning February breaches and what they mean for consumers and businesses alike.

Viamedis and Almerys

On February 7, 2024, the French data protection authority (CNIL) announced that it had opened investigations into Viamedis and Almerys, two French healthcare payment service providers. In late January 2024, the companies were the victims of significant data breaches that impacted over 33 million French residents, or almost half of the country’s population.

Data Exposed: The exposed data included sensitive personal information like names, dates of birth, social security numbers, marital status, and details about health insurance policies.

Current Status: The French data protection authority (CNIL) is investigating the breach to determine if proper security measures were in place. Additionally, supplementary health insurance companies using Viamedis and Almerys are required to inform affected individuals.

https://www.cnil.fr/fr/violation-de-donnees-de-deux-operateurs-de-tiers-payant-la-cnil-ouvre-une-enquete-et-rappelle-aux

U-Haul

In February 2024, U-Haul, a moving truck and self-storage rental company, reported that 67,000 customers were affected by a data breach that compromised their personal information.

Data Exposed: The compromised information included names, dates of birth, and driver’s license numbers for approximately 67,000 customers across the US and Canada.

Breach Date: Believed to have occurred between July 20 and October 2, 2023. U-Haul discovered the incident in early December 2023.

U-Haul has drawn some criticism for the delay between discovering the breach in December 2023 and notifying customers in February 2024.

Data Breach Notification: https://apps.web.maine.gov/online/aeviewer/ME/40/8cbdef9d-3c2c-48e1-b36e-d202df6bd1af.shtml

Microsoft

In February 2024, Microsoft’s Azure platform experienced a data breach that included user impersonation, financial fraud, and data extraction. The breach also involved an Exchange Server vulnerability, CVE-2024-21410, a privilege escalation bug that allows unauthorized attackers to gain remote access.

Type of Breach: Hackers gained access to hundreds of executive accounts, primarily belonging to mid-level and senior management.

Data at Risk: The attackers aimed for financial gain through data exfiltration and potential financial fraud. While details are unclear, compromised executives’ emails and potentially some company data might have been accessed.

Zenlayer

Zenlayer, a global network service provider, exposed over 380 million records, including infrastructure and customer information, due to a misconfigured cloud database. The records, 57.46 GB of data in total, were left accessible on the internet.

Exposed Data: A misconfigured cloud database left a staggering 384 million records, or 57.46 gigabytes of data, accessible to anyone on the internet with no password protection.

Type of Information: The leaked data included internal Zenlayer documents like server logs, access logs, error logs, and security logs. This exposes details about Zenlayer’s internal operations and network architecture. Customer information like names and email addresses was also found in the exposed data.

Zenlayer acknowledged the data exposure, patched the issue to prevent further access, and initiated an investigation. However, details about the investigation and the number of affected customers haven’t been publicly disclosed yet.

Hyundai

Hyundai Motor Europe was the victim of a ransomware attack by the Black Basta group. The threat actors claimed to have stolen 3 terabytes of corporate data. The data breach letter informs affected individuals that an unauthorized third party has access to the database of customers.

Data Exposed: Hackers gained access to personal information including email addresses, physical addresses, phone numbers, and vehicle chassis numbers.

Hyundai acknowledged the breach and launched an investigation with cybersecurity experts. They are also working with relevant authorities. However, details about the investigation and the number of affected customers haven’t been publicly disclosed yet.

Keep your organization out of breach headlines by ensuring your organization not only knows where all its sensitive data is stored but can also protect it wherever it lives and moves.

Take a look at our unique, data-centric approach!
