Data Breaches and Cyber Attacks in Europe in January 2024 – 2,111,560,354 Records Breached

IT Governance Europe’s research found the following for January 2024:

While more than 2 billion records known to be breached in Europe feels like a lot – it’s certainly a big start to the year – the figure is dwarfed by this month’s global numbers.

However, the global figures have been significantly skewed by a big outlier event: the mother of all breaches, or MOAB. This 26-billion record exposure is probably the largest data leak to date, involving the data of 3,876 organisations – including Europe-based ones.

Because a lot of this data is compiled from old breaches, we didn’t feel it right to log this event as individual organisations – instead, we treated it like any other COMB (compilation of many breaches), and grouped the data. This means that the geographic location of this incident was logged as ‘multiple’, and as such, has been excluded from this European analysis.

When you exclude the MOAB from the global total, you’re left with ‘only’ 3,530,829,011 records known to be breached. This means that Europe’s 2,111,560,354 records are a significant proportion of the global total, when only considering ‘regular’ incidents. As a result, all remaining incidents in this report truly are new ones, first coming into the public domain in January 2024.

Europe had its own outlier event this month: a cyber attack on the Russian research centre Planeta, which allegedly wiped 2 PB (petabytes) of data.* This incident is discussed in more detail below.

*For incidents where we only know the file size of the data breached, we use the formula 1 MB = 1 record. Given that we can’t know the exact numbers, as it depends on the types of records included (for instance, pictures and medical histories are considerably larger files than just names and addresses), we err on the side of caution by using this formula. We believe that this underestimates the records breached in most cases, but it is more accurate than not providing a number at all.

Data Breach Dashboard

For a quick, one-page overview of this month’s findings, check out our Data Breach Dashboard:

Note: The global incident metrics have excluded the MOAB to avoid skewing the data.

This blog provides further analysis of the data we’ve collected. We also provide an annual overview and analyse the longer-term trends in our 2024 overview of publicly disclosed data breaches and cyber attacks in Europe.

You can learn more about our research methodology here.

Top 2 biggest breaches

1. Russian research centre Planeta cyber attacked by Ukraine, allegedly 2 PB of data wiped

The Main Directorate of Intelligence of the Ministry of Defense of Ukraine, HUR, claims to have destroyed a 2-PB database belonging to Russia’s Far Eastern Research Center for Space Hydrometeorology, or Planeta.

With the caveat that news of state-sponsored attacks against combatants during wartime must be treated with a certain degree of caution, it appears that the cyber attack on Planeta – which receives and processes satellite data on behalf of more than 50 Russian state entities, including the Ministry of War – destroyed 280 servers at a cost of “at least $10 million”.

Data breached: 2 PB.

2. More than 60 TB of data from IPL Consulting allegedly destroyed in Ukrainian cyber attack

HUR has also reportedly destroyed the entire infrastructure of IPL Consulting, a Russian organisation that specialises in implementing information systems in the industrial defence sector.

HUR commented: “In the conditions of ongoing sanctions against Russia, the inflicted losses on the adversary are extremely painful. Moreover, dozens of Russian companies working for the aggressor state’s defense industry will suffer.”

As ever, stories relating to cyber warfare must be treated with due caution.

Data breached: >60 TB.

Breached countries

This month, the following countries suffered at least one publicly disclosed incident: Belgium (5), Bosnia and Herzegovina (1), Bulgaria (1), Czech Republic (1), Denmark (1), Estonia (1), Finland (1), France (9), Germany (7), Hungary (1), Ireland (1), Italy (11), Luxembourg (1), the Netherlands (6), Norway (2), Romania (1), Russia (8), Spain (9), Sweden (3), Switzerland (6), Turkey (1), the UK (31) and Ukraine (5).

Top 3 (by number of incidents)

Top 3 (by number of records)

Sector overview

For our monthly analyses, we just look at the top 3 most breached sectors in Europe by number of incidents and by known number of records breached.

We provide a full sector breakdown in our annual report.

Top 3 most breached sectors (by number of incidents)

Note: To make this table as informative as possible, the percentages exclude the ‘multiple’, ‘other’ and ‘unknown’ sectors.

Top 3 most breached sectors (by number of records)

Security Spotlight

To get news of the latest data breaches and cyber attacks straight to your inbox, subscribe to our free weekly newsletter: the Security Spotlight.

Every Tuesday, you’ll get a short email with:

  • Industry news, including a round-up of the week’s publicly disclosed data breaches and cyber attacks in Europe;
  • Our latest research and statistics;
  • Interviews with our experts, sharing their insights and expertise;
  • Free useful resources; and
  • Upcoming webinars.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.