October 2024: Biggest Cyber Attacks, Data Breaches, Ransomware Attacks

by Chetan

MoneyGram, Casio, ADT Alarms, Zendesk, ESET, Radiant Capital, Wayback Machine, Landmark Insurance, Red Barrels, and Game Freak—what do these companies have in common?

In October 2024, all of them faced cybercrime incidents, and for some, it wasn’t even the first attack that month. Our latest report covers the major cybersecurity breaches, ransomware attacks, and data leaks from the past month, shedding light on the latest wave of cyber threats affecting organizations worldwide.

October 2024 Cybersecurity Highlights:

  • Ransomware Attacks: An analysis of the most notable ransomware incidents.
  • Data Breaches: A look at significant data leaks compromising sensitive information.
  • Cyber Attacks: A recap of widespread attacks across industries.
  • Emerging Malware and Ransomware: New strains discovered and their implications.
  • New Vulnerabilities: Updates on vulnerabilities found and patches issued.
  • Advisories and Reports: Expert analysis and recommended precautions.

October’s incidents spanned industries from finance to healthcare, retail, and government, revealing just how adaptive cybercriminals have become. Every organization—whether a watch manufacturer, a video game developer, or a global fintech leader—faces the possibility of cyber threats, and these incidents highlight the importance of preparedness.

Our monthly roundup underscores the pressing need for cyber resilience. Strengthening your organization’s defenses and having a well-rehearsed incident response plan are critical steps to minimize risks. Conducting scenario-based Cyber Tabletop Exercises can help organizations evaluate their response capabilities and improve their readiness for potential cyber events.

Browse this month’s incident insights to stay informed on the latest threats. Learning from these cases can help bolster your own organization’s defenses—because when it comes to cybercrime, proactive preparation, awareness, and constant vigilance are the best strategies to stay secure.

Ransomware Attacks in October 2024

| Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
|---|---|---|---|---|---|
| October 01, 2024 | UMC Health System | UMC Health System diverted patients following a ransomware attack that impacted its network. | Unknown | Texas-based UMC Health System had to redirect emergency and non-emergency patients as it managed an IT outage resulting from a ransomware attack. | BleepingComputer |
| October 01, 2024 | Community Clinic of Maui, Mālama | Community Clinic of Maui notified 123,000 individuals about a data breach from a May cyberattack. | LockBit | Hackers accessed sensitive data, including Social Security and bank account numbers, and forced the clinic to take servers offline. | The Record |
| October 02, 2024 | Royal Mail | Hackers impersonated Royal Mail to spread Prince ransomware with a destructive campaign. | Unknown | Targeted a small number of organizations with no decryption or data exfiltration capabilities. | The Record |
| October 10, 2024 | Casio | Casio confirmed a ransomware attack leading to the theft of personal and confidential data. | Underground Ransomware | Disruption of Casio’s services, affecting data of employees, customers, and job candidates. | BleepingComputer |
| October 16, 2024 | Globe Life | Globe Life faced blackmail after customer data was stolen by cybercriminals. | Unknown | Hackers attempted to extort the insurance giant to avoid releasing sensitive data. | BleepingComputer |
| October 16, 2024 | Boston Children’s Health Physicians | BianLian ransomware group claimed an attack on Boston Children’s Health Physicians. | BianLian ransomware | Attackers threatened to leak sensitive patient data unless a ransom was paid. | BleepingComputer |
| October 18, 2024 | Nidec | Tech giant Nidec confirmed a data breach following a ransomware attack. | 8BASE and Everest gangs | Data stolen and leaked on the dark web, with failed extortion attempts. | BleepingComputer |
| October 21, 2024 | Berufsbildungszentrum (BBZ) | BBZ, a vocational training center, became a ransomware victim, disrupting its IT systems. | Unknown | Attackers encrypted BBZ’s servers, blocking access and demanding ransom, which was refused. | The Record |
| October 24, 2024 | Henry Schein | Henry Schein disclosed a data breach impacting over 160,000 people after a 2023 ransomware attack. | BlackCat Ransomware gang | Revealed personal data exposure due to back-to-back attacks in 2023. | BleepingComputer |
| October 24, 2024 | UnitedHealth | UnitedHealth confirmed a major data breach impacting 100 million individuals in the Change Healthcare ransomware incident. | BlackCat ransomware (ALPHV) | Marked as one of the largest healthcare breaches in recent years, affecting personal and healthcare data of millions. | BleepingComputer |

Data Breaches in October 2024

| Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
|---|---|---|---|---|---|
| October 01, 2024 | Rackspace | Rackspace servers hit by zero-day vulnerability, resulting in data breach and temporary outage. | Unknown | Rackspace took monitoring dashboard offline, and customer data related to monitoring was accessed. | Rackspace data breach due to zero-day flaw |
| October 03, 2024 | Dutch Police | Dutch government attributes police network hack to a foreign state actor. | An anonymous state actor | Hackers accessed contact information of all Dutch police officers. | Dutch Police data breach attack |
| October 03, 2024 | Red Barrels | Red Barrels’ Outlast Studio suffered source code theft and 1.8 TB of data was compromised. | Unknown | The attack is expected to delay the development of the studio’s projects. | Data breach attack on Outlast Studio’s Red Barrels |
| October 04 and 07, 2024 | MoneyGram | MoneyGram experienced a cyber attack disrupting customer access, with personal data compromised. | Likely Scattered Spider collective | Systems were offline for five days, affecting customer transactions and data security. | BleepingComputer |
| October 05, 2024 | Comcast and Truist Bank | Comcast and Truist Bank were impacted by data breach at FBCS, compromising customer information. | Unknown | Investigation ongoing; customer notifications about compromised data sent by Comcast and Truist. | BleepingComputer |
| October 07, 2024 | ADT | ADT faced second data breach in two months due to compromised credentials. | Unknown | Stolen credentials led to exfiltration of encrypted employee account data. | BleepingComputer |
| October 10, 2024 | Fidelity Investments | Data breach affected over 77,000 Fidelity Investments customers. | Unknown | Sensitive customer information was accessed through two recently established customer accounts. | BleepingComputer |
| October 14, 2024 | Game Freak | Pokémon developer Game Freak confirmed data leak exposing names and emails of employees. | Unknown | Approximately 2,606 records with employee data were accessed and shared online. | Data breach attack on Pokemon and Nintendo maker, Game Freak |
| October 18, 2024 | Cisco’s DevHub portal | Cisco took its DevHub portal offline after IntelBroker leaked sensitive “non-public” data. | IntelBroker | No evidence of system breach, but Cisco took the portal offline to prevent further leaks. | BleepingComputer |
| October 18, 2024 | Boston Children’s Health Physicians | Boston Children’s Health Physicians experienced data breach exposing patient information. | BianLian Ransomware Group | Sensitive patient data, including Social Security numbers, medical records, and billing information, were compromised. | The Record |
| October 24, 2024 | Insurance admin Landmark | Landmark disclosed a data breach impacting over 800,000 people from a May cyber attack. | Unknown | Affected personal data of customers and employees, with notifications sent to impacted individuals. | BleepingComputer |

Cyber Attacks in October 2024

| Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
|---|---|---|---|---|---|
| October 04, 2024 | U.S. Wiretap Systems (AT&T, Verizon, Lumen Technologies) | China-linked hackers targeted U.S. broadband providers’ networks used for wiretapping. | Suspected Chinese hackers | Hackers potentially accessed sensitive information from federal wiretapping systems, posing a significant national security risk by gaining access to generic internet traffic and court-authorised communications data. | Cyber attack on U.S. Wiretap Systems; AT&T, Verizon, Lumen Technologies |
| October 06, 2024 | Lego | Lego website compromised in a crypto scam promoting a fake “LEGO Coin” cryptocurrency. | Unknown | The scam attempted to lure Lego fans into buying a fake cryptocurrency, redirecting them to a site accepting payments in Ethereum. | Lego cyber attack |
| October 07, 2024 | American Water | American Water shut down online services following a cyber attack. | Unknown | The cyber attack led to system shutdowns for the largest publicly traded water utility company in the U.S. | American Water cyber attack |
| October 17, 2024 | Japan’s Liberal Democratic Party (LDP) | Japan’s ruling party suffered a website disruption caused by pro-Russian hackers. | Pro-Russian hackers, including NoName057(16) | The website disruption coincided with the start of Japan’s general election campaign, temporarily affecting access to the LDP’s site. | Japan’s ruling Liberal Democratic Party (LDP) cyber attack |
| October 18, 2024 | ESET’s Israeli partner, Comsecure | Hackers breached ESET’s partner in Israel to deploy data-wiping malware. | Unknown | Israeli businesses received phishing emails containing disguised data-wiper malware posing as antivirus software. | BleepingComputer |
| October 18, 2024 | Radiant Capital | $50 million in cryptocurrency stolen from Radiant Capital following account compromise. | Unknown | Hackers accessed trusted developers’ accounts to carry out the attack, compromising substantial digital assets on the decentralized finance platform. | The Record |
| October 21, 2024 | Wayback Machine, Archive-It | Hacker responsible for Internet Archive breach claims continued access, sending messages to support contacts. | Unknown | Internet Archive services, including the Wayback Machine, were temporarily down and remain partially restored. Some users received messages from the hacker. | The Record |

New Ransomware/Malware Discovered in September 2024

| New Ransomware | Summary |
|---|---|
| WarmCookie Backdoor (New Version) | A new ‘FakeUpdate’ campaign in France uses compromised websites to display fake browser and application update prompts, spreading an updated version of the WarmCookie backdoor. |
| Qilin Ransomware ‘Qilin.B’ | A new Rust-based variant of Qilin (also known as Agenda) ransomware, dubbed ‘Qilin.B,’ has been observed in attacks. This version incorporates enhanced encryption, improved evasion tactics against security tools, and capabilities to interfere with data recovery mechanisms. |

Vulnerabilities/Patches Discovered in October 2024

| Date | New Malware/Flaws/Fixes | Summary |
|---|---|---|
| October 01, 2024 | CVE-2024-45489 | The Browser Company launched an Arc Bug Bounty Program in response to a critical remote code execution vulnerability, CVE-2024-45489, encouraging researchers to report issues. |
| October 02, 2024 | FSCT-2024-0006, FSCT-2024-0007, FSCT-2024-0014, FSCT-2024-0001, FSCT-2024-0002 | DrayTek issued updates to patch 14 vulnerabilities in its routers, including a CVSS 10-rated remote code execution flaw. An estimated 785,000 routers are at risk. |
| October 02, 2024 | CVE-2024-41925, CVE-2024-45367 | CISA warned of two critical vulnerabilities allowing authentication bypass and RCE in Optigo Networks ONS-S8 Aggregation Switches used in critical infrastructure. |
| October 02, 2024 | CVE-2024-29824 | CISA alerts of an Ivanti EPM appliance vulnerability that allows RCE and is currently exploited in attacks. |
| October 02, 2024 | CVE-2024-45519 | European agencies reported an exploited vulnerability in Zimbra email products that spreads malware. |
| October 03, 2024 | CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177 | A series of vulnerabilities could enable significant DDoS attacks, raising alarms among cybersecurity experts. |
| October 03, 2024 | CVE-2024-32102, CVE-2024-2961 | Adobe Commerce and Magento stores face “CosmicSting” attacks, exploiting CVE-2024-32102 and CVE-2024-2961, impacting approximately 5% of online stores. |
| October 03, 2024 | CVE-2024-47176 | A Common Unix Printing System (CUPS) vulnerability enables DDoS attacks with up to 600x amplification. |
| October 07, 2024 | CVE-2024-43047 | Qualcomm released patches for a DSP zero-day affecting multiple chipsets, identified by researchers from Google Project Zero, Amnesty International, and others. |
| October 08, 2024 | CVE-2024-9379, CVE-2024-9380, CVE-2024-9381, CVE-2024-8963 | Ivanti addressed three new Cloud Services Appliance (CSA) zero-days, reported as being actively exploited. |
| October 10, 2024 | CVE-2024-9164 | GitLab released updates for Community and Enterprise Editions, including a fix for a critical arbitrary branch pipeline execution flaw. |
| October 10, 2024 | CVE-2024-40711 | A critical RCE vulnerability in Veeam Backup & Replication servers is now being exploited by ransomware groups. |
| October 16, 2024 | CVE-2024-38178 | North Korean ScarCruft hackers exploited an Internet Explorer zero-day to deliver RokRAT malware and exfiltrate sensitive data. |
| October 16, 2024 | CVE-2024-9486 | A Kubernetes vulnerability could allow unauthorized SSH access to virtual machines created with Kubernetes Image Builder. |
| October 16, 2024 | CVE-2024-28987 | CISA added a critical hardcoded credentials flaw in SolarWinds Web Help Desk to its Known Exploited Vulnerabilities list, with fixes issued in August 2024. |

Warnings/Advisories/Reports/Analysis

| News Type | Summary |
|---|---|
| Report | The UK National Crime Agency (NCA) sanctioned 16 members of the Russian hacker group Evil Corp, linking them to the prolific ransomware group LockBit. |
| Report | APT hacking group FIN7 launched fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. |
| Report | Cambodian journalist Mech Dara was arrested on charges of “incitement to disturb social security” amid his investigation into the cyber scam industry. |
| Report | The Police Service of Northern Ireland (PSNI) was fined £750,000 ($1 million) after accidentally disclosing the identities of all officers and staff, exposing them to potential danger. |
| Report | A distributed denial-of-service campaign targeted the financial, internet, and telecom sectors, peaking at a record 3.8 terabits per second with over 100 hyper-volumetric DDoS attacks. |
| Report | Cybersecurity researchers identified mobile applications used in ‘pig butchering’ scams on official Google and Apple repositories. |
| Report | Sellafield nuclear facility was fined £332,500 for cybersecurity failures that risked sensitive nuclear data between 2019 and 2023. |
| Report | ESET reported the GoldenJackal APT group’s breach of air-gapped European government systems using custom tools to exfiltrate sensitive data. |
| Warning | U.S. and U.K. cyber agencies warned that Russian-linked APT29 hackers are targeting Zimbra and JetBrains TeamCity servers at scale. |
| Report | Marriott and Starwood Hotels will pay $52 million and enhance information security after data breaches impacting 344 million customers. |
| Report | OpenAI disrupted over 20 cyber operations abusing ChatGPT for malware development, misinformation, evasion tactics, and spear-phishing. |
| Report | The U.S. Department of Justice unsealed an indictment against two Sudanese brothers accused of operating the hacktivist group Anonymous Sudan, known for over 35,000 DDoS attacks. |
| Report | Iranian hackers are targeting critical infrastructure to gather credentials and network data for resale to other threat actors. |
| Report | North Korean IT professionals are reportedly tricking Western companies into hiring them, then stealing data and demanding ransoms. |
| Report | The FBI arrested an Alabama man suspected of hacking the SEC’s X account to make a fake announcement about Bitcoin ETFs. |
| Report | A new ClickFix campaign uses fake Google Meet pages to deliver info-stealing malware for Windows and macOS. |
| Warning | Microsoft warned enterprise clients of a bug that caused critical logs to be partially lost, potentially affecting unauthorized activity monitoring. |
| Report | New speculative execution vulnerabilities bypass Spectre mitigations in Intel and AMD processors on Linux. |
| Report | Microsoft reported an increase in ransomware attacks, with hundreds of healthcare institutions targeted over the last year. |
| Report | Microsoft is using realistic-looking honeypot tenants to gather intelligence on phishing actors. |
| Report | Several pro-Palestine hacker groups claimed coordinated cyber attacks on Cyprus’ critical infrastructure and government websites. |
| Report | The British government is exploring stronger responses to cyberthreats, according to a recent speech by Security Minister Dan Jarvis. |
| Report | LinkedIn was fined €310 million by the Irish Data Protection Commission for violating EU data protection laws with behavioral analysis and targeted ads. |
| Report | The UK High Court approved a legal challenge by a dissident against Saudi Arabia for allegedly deploying zero-click spyware against him. |

For Emergency Contact :

Synergy IT solutions Group 

439 University Avenue, 5th Floor 

Toronto, ON M5G 1Y8 

+1(866) 966-8311 

+1(905) 502-5955 

Website : https://www.synergyit.ca/ 
