We’re halfway through 2024, and this year has already seen some of the biggest and most destructive data breaches in recent history. And just when you think some of these hacks can’t get any worse, they actually do.
From mass collection, theft, and posting of personal information of consumers online to the theft of healthcare data of most Americans, the worst data breaches so far in 2024 have already surpassed at least 1 billion stolen records and are continuing to grow. These breaches not only impact individuals whose data is irretrievably exposed, but also inspire criminals who profit from malicious cyberattacks.
Join us as we take a journey back in time to the not-so-distant past to see how the biggest security breaches of 2024 unfolded, their impact, and in some cases, how to prevent them.
Mysterious AT&T Data Breach Exposes 73 Million Customer Accounts
Nearly three years after hackers teased a public sample of allegedly stolen AT&T customer data, in March a data breach broker released the entire cache of 73 million customer records online on a known cybercrime forum, making them available for anyone to view. The leaked data included personal information about customers, including their names, phone numbers, and mailing addresses, and some customers confirmed that the data was accurate.
But it wasn't until security researchers discovered that the exposed data included encrypted passwords used to access customers' AT&T accounts that the telecom giant took action. Security researchers told TechCrunch at the time that encrypted passwords could be easily cracked, putting about 7.6 million existing AT&T customer accounts at risk of theft. AT&T forced customers' account passwords to be reset after TechCrunch notified the company of the researchers' findings.
One big mystery remains: AT&T still doesn't know how the data was leaked or where it came from.
Healthcare hackers have stolen medical data on 'significant portion' of Americans.
In 2022, the U.S. Justice Department sued health insurer giant UnitedHealth Group to block its attempted acquisition of health tech giant Change Healthcare, fearing the deal would give the healthcare giant broad access to “roughly half of all Americans’ health insurance claims” each year. The bid to block the deal ultimately failed. And two years later, something much worse happened: Change Healthcare was hacked by a ransomware group. A huge bank of sensitive health data was stolen because one of the company’s critical systems wasn’t protected by multi-factor authentication.
The cyberattack caused extensive downtime that lasted for weeks and caused widespread disruptions at hospitals, pharmacies, and medical facilities across the U.S. But while the full impact of the data breach has yet to be fully realized, the consequences for those affected are likely to be irreversible. UnitedHealth says the stolen data, which it paid hackers to obtain copies of, includes personal, medical, and billing information for a “significant percentage” of people in the U.S.
UnitedHealth has not yet put a number on how many individuals were affected by the breach. The health giant's chief executive, Andrew Witty, told lawmakers that the breach could affect about a third of Americans, and potentially more. For now, it's just how much Hundreds of millions of people across the United States were affected.
Synnovis ransomware attack causes widespread disruption to hospitals across London
In June, a cyberattack on the UK pathology laboratory Synnovis (a blood and tissue testing laboratory for hospitals and health services across the UK capital) caused widespread disruption to patient services for weeks. Local National Health Service Trusts that rely on the laboratory postponed thousands of surgeries and procedures following the hack, leading to a major incident being declared across the UK healthcare sector.
A Russian-based ransomware group has been blamed for a cyberattack that resulted in the theft of data relating to approximately 300 million patient interactions over a period of “significant years.” As with the Change Healthcare data breach, the impact on those affected is likely to be severe and lifelong.
As part of an effort to force the lab to pay the ransom, some of the data has already been posted online. Synnovis refused to pay the hackers $50 million ransom, preventing the gang from profiting from the hack, but the British government is said to be scrambling to come up with a plan in case the hackers publish millions of health records online.
One of the NHS trusts, which runs five hospitals across London, was affected by the service outage, and is said to have failed to meet data security standards required by the UK Health Service prior to the cyberattack on Synnovis in June. .
Ticketmaster reportedly had 560 million records stolen in the Snowflake hack.
A series of data thefts from cloud data giant Snowflake quickly snowballed into one of the largest breaches of the year, thanks to the massive amounts of data stolen from enterprise customers.
Cybercriminals used stolen data engineer credentials to steal hundreds of millions of customer records from some of the world’s largest companies, including 560 million records from Ticketmaster, 79 million records from Advance Auto Parts, and approximately 30 million records from TEG. Snowflake environments for employers. Snowflake does not require (or force) customers to use security features that protect against breaches using stolen or reused passwords.
Incident response firm Mandiant says about 165 Snowflake customers had data stolen from their accounts, in some cases “significant amounts of customer data.” Only a handful of the 165 companies have confirmed their environments were compromised so far, including tens of thousands of employee records at Neiman Marcus and Santander Bank, and millions of student records at the Los Angeles Unified School District. Expect more Snowflake customers to come forward.
