Data breaches continue to make headlines, no matter the industry and the size of the company. It’s becoming increasingly apparent that even the most secure companies experience data breaches and that the need for increased cybersecurity defenses has never been higher: companies should bolster their defenses before the breach occurs.
Compiled on September 25, the following list is composed of data breach headlines that were published during the month of September. Source articles have been organized by industry in reverse chronological order.
Security Breaches Reported in September 2024
Finance
09/16/2024
DeltaPrime on ARB Chain Suffers Security Breach, $6 Million Loss Estimated | Coinspeaker
DeltaPrime, a decentralized finance (DeFi) platform operating on the Arbitrum chain, has been compromised in a cybersecurity breach resulting in a loss of approximately $6 million due to a private key exploit.
09/09/2024
Payment Gateway SLIM CD Data Breach: 1.7 Million Users Impacted | HackRead
Payment gateway platform SLIM CD suffered a massive data breach between August 2023 and June 2024, compromising over 1.7 million customers’ personal and credit card information.
Healthcare
09/25/2024
Elitecare Emergency Hospital suffers healthcare data breach | TechTarget
Elitecare Emergency Hospital notified 24,754 individuals of a cybersecurity incident where health insurance information, medical information, among others were accessed by an unauthorized party. UT Southwestern Medical Center and Richland County have also suffered healthcare data breaches.
09/24/2024
U.S. govt agency CMS says data breach impacted 3.1 million people | Bleeping Computer
The Centers for Medicare & Medicaid Services (CMS) federal agency announced that health and personal information of more than three million health plan beneficiaries was exposed in ransomware attacks last year.
09/16/2024
88000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack | SecurityWeek
New Hampshire-based orthopedics services provider Access Sports Medicine & Orthopaedics is informing 88,000 individuals of compromised personal and health information due to suspicious activity on its network on May 10, 2024.
09/04/2024
Data Breaches Reported by Three Californian Healthcare Providers | The HIPAA Journal
Data breaches involving unauthorized access have been reported by Californian healthcare providers Vasinda’s Around the Clock Care, Baker Places, Turning Point of Central California, and Watson Clinic in Florida. Providers have since been sending notification letters to affected individuals.
Tech
09/23/2024
Hackers Allegedly Claim Leak of Oracle Data on Hacking Forum | Cyber Security News
Oracle has yet to confirm or deny breach claims that reportedly occurred in September 2024 and involved the exposure of 4,002 rows of employee information.
09/22/2024
Hackers Claim Second Dell Data Breach in One Week | Hackread
Within a week of the first Dell data breach, Hackers claim to have breached Dell a second time, exposing sensitive internal files via compromised Atlassian software suite. Dell is already investigating the first incident but has yet to address the latest breach claims.
09/18/2024
Hacker claims to have stolen 20GB data hoard from Capgemini, and is threatening to leak it all | Tech Radar
Capgemini, a French tech and consulting giant, has yet to comment on a hacker’s claims to have stolen 20 gigabytes of sensitive data including databases, source code, keys credentials, and employee data, among others.
09/18/2024
Russian security firm Dr.Web disconnects all servers after breach | Bleeping Computer
Doctor Web, a Russian anti-malware company, disclosed a security breach after its systems were targeted in a cyberattack. The company disconnected all servers from its internal network and was forced to stop delivering virus database updates to customers while investigating the breach.
09/17/2024
Cybersecurity firm reveals breach in third-party cloud system | Insurance Business Australia
Cybersecurity firm Fortinet has disclosed a recent security breach where files stored in a third-party cloud-based file-sharing system were accessed by an unauthorized individual. Less than 0.3% of Fortinet’s customer data was affected.
09/05/2024
Microchip Technology Confirms Personal Information Stolen in Ransomware Attack | Security Week
US-based semiconductor supplier Microchip Technology has confirmed that data was stolen from its systems during a ransomware attack in August. Data was leaked after extortion attempts failed.
Retail
09/22/2024
Harvey Nichols confirms cyberattack, says customer data leaked | TechRadar
Harvey Nichols, a luxury British department store chain known for offering high-end fashion, beauty, food, and home products, suffered a cyberattack in which crooks stole “non-sensitive” user data such as postal addresses, phone numbers, and email addresses. Harvey Nichols is not providing much information regarding the breach.
09/18/2024
Temu denies data breach — but hacker claims to have leaked 87 million strong database | Tech Radar
Ecommerce giant Temu is denying a hacker’s claim that millions of customer records were stolen. As proof of the database’s authenticity, the hacker advertised a small sample containing usernames and IDs, IP addresses, full names, birth dates, gender, shipping addresses, phone numbers, and hashed passwords.
09/16/2024
David’s Bridal notifies staff and customers of data breach following two ransomware attacks | Comparitech
David’s Bridal notified 4,132 Texans of a data breach that compromised their personal information. The company is already facing at least two class-action lawsuits for failing to protect customer and employee personal information.
09/15/2024
Toyota has a data dilemma after hackers leak 240GB of customer information | Fox News
A hacker leaked a 240GB file containing data stolen from a branch of Toyota. Although the leak was initially acknowledged, Toyota later claimed that the data was stolen from a third-party entity misrepresented as Toyota.
09/06/2024
Car rental giant Avis data breach impacts over 299,000 customers | BleepingComputer
American car rental giant Avis notified over 299,000 impacted customers of an unauthorized access incident in August where the attacker stole customers’ personal information.
09/05/2024
Park 'N Fly Data Breach Impacts a Million Customers | CPO Magazine
Unauthorized activity involving compromised VPN credentials occurred in July, potentially exposing a million customers’ sensitive information. Park ‘N Fly stresses that the data breach did not expose customers’ payment information or login credentials.
Miscellaneous
09/24/2024
100 million Americans just had their personal information leaked in the massive MC2 Data breach | ITPro
Background check firm MC2 Data has had 2.2TB of their data leaked—most likely due to human error. Nearly one-third of the US population may have had their personal data exposed.
09/24/2024
Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach | SecurityWeek
The audit and consulting giant has confirmed being aware of the claims and a statement provided to SecurityWeek suggests that the company did indeed suffer a data breach, but impact is limited.Prevent Data Breaches Before They Happen
Access Control Matters
Identity and access management (IAM) is imperative to deter and prevent data breaches before they happen. Regulating who or what is allowed to access particular information can prevent lateral movement even if the system is breached, minimizing the effect of the breach.
Built upon the idea of continuous verification, Pomerium is a zero-trust reverse proxy that helps enterprises manage secure application access. Authenticate, authorize, monitor, and secure user access to any application without a corporate VPN.
