Major Breaches Strike Internet Archive and Fidelity Investments Today
On October 10, 2024, the cybersecurity landscape was rocked by significant breaches affecting notable organizations. The Internet Archive reported a data breach that compromised the personal information of 31 million users, including usernames, email addresses, and password hashes. This breach coincided with a DDoS attack attributed to a pro-Palestinian group, amplifying concerns about the site’s security resilience. Meanwhile, Fidelity Investments disclosed a breach affecting approximately 77,000 customer records, compromising sensitive information such as names and Social Security numbers. Although detected earlier, this breach was reported widely only this month, raising questions about timely disclosure and incident management. Additionally, Free, a French Internet Service Provider, revealed that over 19 million customers' data, including personal information and IBANs, was exposed, further emphasizing the pervasive threat of phishing attacks. Organizations must bolster their cybersecurity protocols to mitigate these risks and safeguard sensitive data.
Also In Security Today
- Ransomware Attacks Surge: UMC Health System faced operational disruptions due to a ransomware attack, illustrating the increasing risk to critical services in the healthcare sector.
- CVE-2024-9379 Alert: A critical vulnerability in Ivanti Cloud Services allows remote command execution due to poor input validation. Users are urged to apply patches immediately to mitigate risks.
- Cisco Vulnerabilities: Security flaws in Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products could allow unauthorized access, necessitating urgent software updates from affected organizations.