We are past the halfway point of 2024 and have witnessed some of the biggest and most dangerous data breaches in recent times. The worst data breaches of 2024 so far have already exceeded 1 billion stolen records, with the numbers continuing to climb.
These breaches not only affect the individuals whose data was irretrievably exposed, but also embolden the criminals who profit from their malicious cyberattacks.
Some of the biggest security incidents of 2024:
Mystery AT&T data leak exposed 73 million customer accounts
Three years after a hacker teased a sample of allegedly stolen AT&T customer data, a data breach broker in March released the full cache of 73 million customer records on a known cybercrime forum, making it accessible to anyone. The leaked data included customers' personal information such as names, phone numbers, and postal addresses, with some customers confirming the accuracy of their data.
However, AT&T did not take action until a security researcher discovered that the exposed data contained encrypted passcodes used for accessing AT&T accounts. The researcher informed a news source that these encrypted passcodes could be easily unscrambled, putting approximately 7.6 million active AT&T customer accounts at risk of hijacking. Following this revelation, AT&T force-reset its customers' account passcodes after the news source notified the company of the researcher's findings.
Change Healthcare hackers stole medical data on “substantial proportion” of people in America
In 2022, the U.S. Justice Department attempted to block UnitedHealth Group's acquisition of Change Healthcare, fearing it would give UnitedHealth access to about half of all Americans' health insurance claims annually. Despite their efforts, the deal went through.
Two years later, Change Healthcare was hacked by a ransomware gang due to a lack of multi-factor authentication on a critical system. This breach led to the theft of vast amounts of sensitive health data and caused weeks of downtime, affecting hospitals, pharmacies, and healthcare practices nationwide. The full impact of the breach is still unfolding, but UnitedHealth has confirmed that the stolen data includes personal, medical, and billing information for a substantial portion of the U.S. population. UnitedHealth paid the hackers to obtain a copy of the stolen data.
Synnovis ransomware attack sparked widespread outages at hospitals across London
In June, a cyberattack on U.K. pathology lab Synnovis caused weeks of disruption to patient services. The attack led the local National Health Service (NHS) trusts to postpone thousands of operations and procedures, resulting in the declaration of a critical incident in the U.K. health sector.
A Russia-based ransomware gang was blamed for the attack, which compromised data from around 300 million patient interactions spanning many years. Some stolen data was already published online as part of an extortion attempt. Synnovis refused to pay the $50 million ransom, leaving the U.K. government scrambling to prepare for the potential release of millions of health records.
One of the NHS trusts, which manages five hospitals in London, reportedly failed to meet the U.K. health service's data security standards in the years leading up to the cyberattack on Synnovis.
Ticketmaster had an alleged 560 million records stolen in the Snowflake hack
A series of data thefts from cloud data giant Snowflake escalated into one of the year's largest breaches, affecting numerous corporate customers. Cybercriminals exploited stolen credentials from data engineers to access Snowflake environments, stealing hundreds of millions of records from major companies. Notable breaches included 560 million records from Ticketmaster, 79 million from Advance Auto Parts, and 30 million from TEG.
Snowflake does not mandate the use of security features to prevent intrusions from stolen or reused passwords. Incident response firm Mandiant reported that around 165 Snowflake customers had data stolen, often involving significant volumes of customer information. So far, only a few of these companies have confirmed breaches, including Neiman Marcus, Santander Bank, and the Los Angeles Unified School District, which saw millions of student records compromised. More Snowflake customers are expected to disclose breaches in the near future.