April 2024 Breaks Data Breach Records
16.05.2024

In the text below, we will take a closer look at a couple of the recent cyber incidents.

According to risk and privacy management specialists, April 2024 broke all data breach records. 652 cyber incidents resulted in a leak of more than 5 billion records. This is 1,600% more than in March 2024 and 122,000% more than in April 2023, which is staggering.

Data breaches might have different causes, but unfortunately, in many cases, they are quite trivial. Among the most common ones, there are vulnerabilities that are not fixed for some reason, too weak or too simple passwords, human factor and insider threats.

One of the April leak incidents, for example, occurred in the Helsinki Department of Education: at the end of the month, a serious data breach that affected about 80 thousand students, their guardians, and employees was disclosed. The reason for the incident was unauthorized access to a network drive through exploiting a vulnerability in a remote access server. Officials do not say which remote access product exactly was targeted. It was also claimed that a security patch for this type of vulnerability was available at that moment but was not installed. It is assumed that the investigation will take quite a while due to the volume of the leaked data.

Recently, it became known that Australian Firstmac Limited (a major non-bank lender) also experienced a major personal data breach. The breached data included:

  • Names
  • Contact information
  • Dates of birth
  • Bank account details
  • Driver's license numbers. 

Firstmac states that customers’ accounts were not directly affected by the incident. In this case, as in the previous one, an unauthorized third party accessed a part of the company's IT system. What exactly led to the incident is not reported.

It’s crucial to keep in mind that sometimes quite simple but necessary steps such as timely software update or security patch installation can prevent a big disaster. Besides, it’s of crucial importance not to forget about appropriate protection against the internal threats, posing the biggest risks to businesses. If you don’t know, what to start with or lack required expertise & resources, you may contact our experts and request free trial of the Managed Security Services, ensuring turnkey protection against the widest range of internal threats.

Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.