We are more than halfway through 2024, and this year we have already witnessed some of the largest and most damaging data breaches in recent history. And just when you think some of these attacks can't get any worse, they do.
From vast amounts of personal customer information being extracted, stolen, and published online to the theft of vast amounts of medical data for the majority of individuals in the United States, the worst data breaches of 2024 to date have already surpassed at least one billion stolen records and the number continues to rise. These breaches not only affect the individuals whose data was irreparably exposed, but they also embolden the criminals who profit from their malicious cyberattacks.
Travel with us to the not-so-distant past to see how some of the biggest security incidents of 2024 occurred, their impact, and in some cases, how they could have been stopped.
Mysterious AT&T data breach exposed 73 million customer accounts
About three years after a hacker posted a sample of allegedly stolen AT&T customer data, a data breach agent in March posted the entire cache of 73 million customer records online on a well-known cybercrime forum so that anyone could see them. The published data included customers' personal information, including names, phone numbers and postal addresses, and some customers confirmed that their data was accurate.
But it wasn't until a security researcher discovered that the exposed data contained encrypted access keys used to access an AT&T customer's account that the telecommunications giant took action. The security researcher told TechCrunch at the time that the encrypted passcodes could be easily cracked, putting some 7.6 million existing AT&T customer accounts at risk of hijacking. AT&T forced a reset of its customers' account passwords after TechCrunch alerted the company to the researcher's findings.
One big mystery remains: AT&T still doesn't know how the data was leaked or where it came from.
Change Healthcare hackers stole medical data from a “substantial proportion” of people in the United States
In 2022, the US Department of Justice sued health insurance giant UnitedHealth Group to block its attempt to acquire health technology giant Change Healthcare, fearing that the deal would give the healthcare conglomerate broad access. The attempt to block the deal failed. Two years later, something far worse happened: Change Healthcare was hacked by a prolific ransomware gang; its powerful banks of confidential healthcare data were stolen because one of the company’s critical systems was not protected with multi-factor authentication.
The cyberattack caused a service outage that lasted for weeks, causing widespread disruptions to hospitals, pharmacies and healthcare facilities across the United States. The full consequences of the data breach are not yet known, although the consequences for those affected are likely to be irreversible. UnitedHealth claims that the stolen data (which it paid the hackers to copy) includes personal, medical and billing information for a “substantial proportion” of people in the United States.
UnitedHealth has yet to give a figure for how many people were affected by the breach. The healthcare giant's chief executive, Andrew Witty, told lawmakers that the breach could affect about a third of Americans, and potentially more. For now, it's just a matter of how many hundreds of millions of people in the United States are affected.
Synnovis ransomware attack caused widespread outages in London hospitals
A cyberattack in June on UK pathology laboratory Synnovis – a blood and tissue testing laboratory for hospitals and health services across the UK capital – led to widespread disruption to patient services for weeks. Local NHS trusts that rely on the lab postponed thousands of operations and procedures following the attack, leading to a critical incident being declared across the UK healthcare sector.
A Russia-based ransomware gang was blamed for the cyberattack, which saw the theft of data related to some 300 million patient interactions dating back a “significant number” of years. Like the Change Healthcare data breach, the ramifications for those affected are likely to be significant and lifelong.
Some of the data had already been posted online in order to extort the lab into paying a ransom. Synnovis reportedly refused to pay the hackers' $50 million ransom, preventing the gang from profiting from the hack but leaving the UK government struggling to come up with a plan in case the hackers posted millions of medical records online.
One of the NHS trusts that runs five London hospitals affected by the outages is alleged to have failed to meet data security standards required by the UK health service in the years leading up to the June cyberattack on Synnovis.
Ticketmaster allegedly had 560 million records stolen in Snowflake hack
A series of data thefts from cloud data giant Snowflake quickly became one of the biggest breaches of the year, thanks to the large amounts of data stolen from its corporate clients.
Cybercriminals stole hundreds of millions of customer records from some of the world's largest companies, including an alleged 560 million Ticketmaster records, 79 million Advance Auto Parts records and some 30 million TEG records, using stolen credentials from data engineers with access to their employers’ Snowflake environments. For its part, Snowflake does not require (or mandate) its customers to use the security feature, which protects against intrusions that rely on stolen or reused passwords.
Incident response firm Mandiant said about 165 Snowflake customers had data stolen from their accounts, in some cases a “significant volume of customer data.” So far, only a handful of the 165 companies have confirmed that their environments were compromised; the stolen data also includes tens of thousands of employee records from Neiman Marcus and Santander Bank, and millions of student records at the Los Angeles Unified School District. We expect many Snowflake customers to come forward.