As we step into 2024, it's crucial to reflect on the cyber landscape of the past year, marked by significant breaches that underscore the persistent challenges in securing our digital lives.
Biotech giant 23andMe, known for its DNA testing services, fell victim to a data breach, exposing sensitive genetic information.
In a credential-stuffing attack, hackers gained unauthorized access to customer accounts, specifically targeting data related to individuals of Ashkenazi Jewish and Chinese descent.
The stolen data encompassed first and last names, email addresses, birth dates, and genetic ancestry details.
Duolingo, a leading language-learning app with over 74 million users, faced a data leak affecting more than 2.6 million users.
The breach, initially brought to light by the Twitter account vx-underground, exploited a flaw in Duolingo's API. The leak exposed user email addresses and other information.
Despite a prior leak in January, the API remained susceptible, allowing attackers to exploit the same method to access user data.
A new entrant to the Android malware scene, 'Xamalicious,' discreetly infiltrated approximately 338,300 devices through malicious apps on Google Play.
NET-based Android backdoor hid within seemingly innocent apps developed using the Xamarin framework.
Notable among the infected apps were those with functionalities ranging from horoscope readings to skin editing for Minecraft.
T-Mobile, a wireless giant, faced a colossal breach as attackers exploited an API, compromising names, emails, and birthdays of 37 million users.
While no financial data was compromised, the incident spotlighted the ongoing challenges in safeguarding user information.
The breach underscores the far-reaching consequences for companies dealing with customer data.
Chick-fil-A, renowned for its efficiency and chicken sandwiches, notified users of a breach through its mobile app.
Approximately 2% of users faced potential unauthorized transactions.
The incident prompted Chick-fil-A to reinforce app security and offer reimbursements for affected users, shedding light on the vulnerabilities in mobile application defenses.
Hindsight is 20/20 as they say, but we've been tracking breaches all year in our newsletter.
There are plenty of innovative companies fighting alongside us at Approov Mobile Security to combat all the bad we see.
As we anticipate the challenges of 2024, these incidents serve as reminders to stay vigilant, proactive, innovative, and optimistic in our approach to digital security.
This is a Security Bloggers Network syndicated blog from Approov Blog authored by Pearce Erensel.
This Cyber News was published on securityboulevard.com. Publication date: Mon, 15 Jan 2024 09:43:05 +0000