The year 2024 is more than halfway done, and it has already been marked by some of the most significant and harmful data breaches on record. The gravity of these cyber breaches seems to worsen just when we think they’ve hit their peak.
This year has witnessed extensive theft and online posting of vast amounts of personal customer information and comprehensive medical records of a majority of U.S. citizens. The most severe data breaches thus far have resulted in over a billion compromised records and counting. These incidents have dire consequences for the victims involved and further embolden the perpetrators of these cybercrimes.
Join us as we revisit the recent past and delve into the major security breaches of 2024, their impacts, and, in some cases, their preventable nature.
The AT&T Incidents: Nearly All Customers Affected, Alongside Numerous Non-Customers
For AT&T, the year 2024 has proven to be a challenging one in terms of data security. The telecom giant disclosed not one, but two distinct data breaches within a few months.
In July, AT&T reported that over a six-month stretch in 2022, cybercriminals accessed and stole data that included phone numbers and call logs of virtually every one of its customers, approximately 110 million people, from a database held with Snowflake (more details to follow).
Though the stolen data, which AT&T reportedly paid a hacker a ransom to delete, wasn’t made public and didn’t contain the content of the communications, the metadata it did include could disclose call recipients, timing, and even approximate locations in some cases. Additionally, it compromised the information of non-AT&T customers contacted by the company’s subscribers, posing significant risks, especially to individuals at increased risk like domestic abuse survivors.
An earlier incident in March saw a data broker leak 73 million customer records on a cybercrime forum, years after initially teasing a portion of the data online.
The exposed data encompassed personal details such as names, phone numbers, and addresses, with some individuals verifying that their data was among the leaked records. However, it wasn’t until encrypted passcodes tied to AT&T accounts, which could potentially be cracked, were found within the data that AT&T initiated a forced reset of the affected passcodes. This action followed discoveries made by a security researcher and communicated to the company by TechCrunch.
Yet, the source of the data leak remains a mystery to AT&T.
The Change Healthcare Breach: A Substantial Chunk of American Medical Data Compromised
The Department of Justice’s unsuccessful attempt in 2022 to prevent UnitedHealth Group from acquiring Change Healthcare, citing concerns over excessive access to Americans’ health insurance claims, set the stage for a catastrophic event two years later. A proficient ransomware gang infiltrated Change Healthcare, exploiting a system that lacked vital multi-factor authentication to siphon off vast quantities of sensitive health data.
The breach inflicted a protracted disruption, lingering for weeks and impacting hospitals, pharmacies, and medical offices nationwide. The full repercussions for the people affected are yet to unfold, but UnitedHealth has acknowledged that the stolen information encompasses personal, medical, and billing specifics of a significant portion of the U.S. population.
The breadth of the impact is staggering, with UnitedHealth’s CEO hinting at a third of Americans possibly being affected, a figure that may yet rise.
The Synnovis Incident: London Hospitals Grapple with Extensive Service Disruptions
In June, a cyberattack targeted Synnovis, a pivotal pathology lab serving London’s medical facilities, leading to substantial interruptions in patient services. The attack prompted the cancellation of thousands of medical procedures and the declaration of a critical incident, straining the U.K. health sector.
The assault, attributed to a Russian ransomware faction, involved the theft of data on approximately 300 million patient interactions, posing long-term threats to those affected. Synnovis opted against paying the demanded $50 million ransom, a stance that, while denying the hackers their profit, forced the U.K. government into contingency planning.
The Snowflake Fiasco: Ticketmaster Among Those Affected with 560 Million Records Allegedly Stolen
A spate of data thefts from Snowflake culminated in one of the year’s most substantial breaches, involving the theft of data from myriad major corporations. The heist impacted hundreds of millions, including a purported 560 million records from Ticketmaster alone, showcasing the magnitude of data compromise.
Noteworthy Also-Rans
Among other notable incidents, pharmaceutical behemoth Cencora disclosed a breach affecting over a million patients, with numbers still climbing, and nearly half of Australia’s population was caught up in the MediSecure ransomware debacle. Kaiser inadvertently shared millions of patients’ details with advertisers, and the U.S. Postal Service acknowledged its part in the rampant data sharing malpractice, underlining a year fraught with digital vulnerabilities.
Compiled by Techarena.au.


