High-profile data breaches in 2024

September 12

Fortinet Customer Data Breach: Fortinet confirmed a breach affecting a “small number” of its more than 775,000 customers after a hacker leaked 440GB of data, including customer and HR information, via BreachForums following failed ransom negotiations. The incident stemmed from unauthorized access to files on a third-party cloud drive, likely through stolen credentials or phishing. While Fortinet quickly mitigated the impact, the breach highlights vulnerabilities in SaaS environments and underscores the need for stronger security measures like MFA, encryption, and zero-trust principles.

What could have prevented the incident: ResilientX Security

May 9

Dell Data Breach: Dell has confirmed a data breach involving a portal containing limited customer information, including names, physical addresses, and hardware order details, but no financial, email, or phone data. The breach, discovered in early May, is under investigation with assistance from forensic specialists and law enforcement. While Dell stated that the breach poses no significant risk, reports suggest that a hacker attempted to sell 49 million customer records from 2017 to 2024, potentially enabling targeted phishing attacks. Customers are advised to monitor their accounts and report suspicious activity. Dell has implemented containment measures and continues to monitor the situation to safeguard customer information.

What could have prevented the incident: Invicti

January 23

Trello Data Breach: Trello’s data breach affected 15 million users, exposing email addresses, names, usernames, and project details. The attacker scraped publicly accessible resources, using email addresses from prior breaches, without gaining unauthorized access to Trello’s systems. Trello responded by requiring authentication for profile queries, updating its API, and advising users to enable 2FA and use strong passwords.

What could have prevented the incident: Invicti API Security

October 6

Cisco Data Breach: Reports indicate that a hacker known as “IntelBroker,” along with two accomplices, infiltrated Cisco’s IT network, gaining access to a substantial amount of company data. The stolen information reportedly includes “GitHub projects, GitLab projects, SonarQube projects, source code,” and additional materials. Cisco stated that the breach occurred through a publicly accessible DevHub environment. This environment was intended to provide customers with access to source code, scripts, and other materials as part of a content management and marketing platform.

What could have prevented the incident: Invicti, ResilientX Security

May 10

JPMorgan Chase Data Breach: The Maine District Attorney’s Office has been informed that a software flaw in JPMorgan Chase’s systems, present since 2021, may have exposed the personal information of nearly half a million customers. Fortunately, there is currently no indication that the data has been misused or accessed for malicious purposes. However, authorized individuals who connected to the bank during that period may have accessed the information.

What could have prevented the incident: Netwrix Endpoint Protector, Netwrix Privilege Secure
