May 2, 2024
In 2023, the exploitation of software vulnerabilities nearly tripled as an initial access vector for cyber breaches, accentuated by incidents like the MOVEit breach, according to Verizon's Data Breach Investigations Report. Ransomware attacks increasingly leveraged zero-day vulnerabilities, with a third of all breaches involving extortion, notably via Clop ransomware's exploitation of MOVEit. The report further indicated a 68% increase in breaches involving third parties, underscoring the growing vulnerabilities within software and supply chains. The findings emphasize the urgent need for enterprises to improve software vulnerability remediation, which takes an average of 55 days for half of critical vulnerabilities, and enhance cybersecurity education among workers. The report, analyzing a record 30,458 security incidents and 10,626 confirmed breaches, highlighted the significant role of human error and social engineering in breaches, demonstrating the critical need for comprehensive cybersecurity strategies that include both technological and human elements.
CVE exploitation nearly tripled in 2023, Verizon finds Cybersecurity Dive
May 2, 2024
In February, a significant ransomware attack targeted a UnitedHealth Group subsidiary, potentially compromising the personal data of a third of Americans and disrupting pharmacy operations nationwide. UnitedHealth CEO Andrew Witty disclosed to Congress that it might take months to identify and notify affected individuals due to the ongoing data analysis. Witty confirmed a $22 million ransom was paid to the hackers, who exploited a weakly secured server, and he has since apologized for the breach. This incident, considered one of the largest healthcare cyberattacks in US history, has exposed vulnerabilities in the health sector's cybersecurity infrastructure, prompting calls for tighter regulations. Despite paying the ransom, UnitedHealth is under scrutiny for its data protection practices, with an ongoing investigation by the Department of Health and Human Services and continued pressure from lawmakers to clarify the extent of the data compromise.
A third of Americans could have had data stolen in big health care hack CNN
May 2, 2024
Dropbox, Inc. disclosed a cybersecurity incident affecting the Dropbox Sign (formerly HelloSign) production environment through an SEC 8-K filing on May 1, 2024. This unauthorized access was first detected on April 24, 2024, and involved a threat actor accessing Dropbox Sign user information, including emails, usernames, phone numbers, hashed passwords, and certain authentication details such as API keys, OAuth tokens, and multi-factor authentication. The incident, believed to be limited to Dropbox Sign infrastructure without impacting other Dropbox products, prompted immediate security responses including password resets, user notifications, and coordination with law enforcement and regulatory authorities. Remediation efforts are underway, and while there has been no evidence of access to the contents of users' accounts or payment information, Dropbox acknowledges the breach has violated their standard of trust and is conducting a comprehensive review to prevent future incidents.
2024-05-01 DROPBOX, INC. Cybersecurity Incident board-cybersecurity.com
May 1, 2024
David Ting, Tausight's CTO, and Larry Ponemon from the Ponemon Institute highlight the escalating risks and inefficiencies in healthcare data security during a webinar. Their research identifies a pervasive lack of visibility into where and how Protected Health Information (PHI) is stored and accessed, weaknesses exacerbated by frequent cyberattacks and inadequate cyber-hygiene practices. They emphasize the need for heightened responsibility and advanced solutions to locate, protect, and manage PHI effectively, advocating for better awareness, data management policies, and rapid incident responses to mitigate risks. Ting’s firm provides technology that seeks to improve PHI visibility across systems, which is crucial in preventing data breaches and ensuring patient trust in their healthcare providers.
"You Can't Rebuild Data": The Key Role of Visibility in Protecting Information healthsystemCIO.com
© Copyright 2024 Health Lyrics All rights reserved