We’re halfway through 2024, and already this year we’ve seen some of the biggest, most damaging data breaches in recent history. And just when you think some of these hacks can’t get any worse, they do.
From vast stores of personal customer information being scraped, stolen and posted online, to troves of medical data covering most people in the United States, the worst data breaches of 2024 to date have already surpassed at least 1 billion stolen records and counting. These breaches not only affect the individuals whose data was irretrievably exposed, but also encourage criminals who profit from malicious cyber attacks.
Take a trip back in time with us to see how some of the biggest security incidents of 2024 went down, their impact and, in some cases, how they could have been stopped.
AT&T’s mysterious data leak exposed 73 million customer accounts
About three years after a hacker teased a public sample of allegedly stolen AT&T customer data, a data breach broker in March dumped the full cache of 73 million customer records online on a well-known cybercrime forum for all to see. The published data included personal customer details, including names, phone numbers and postal addresses, with some customers confirming their data was accurate.
However, it wasn’t until a security researcher discovered that the exposed data contained encrypted passwords used to access a customer’s AT&T account that the telecom giant took action. The security researcher told TechCrunch at the time that encrypted passwords could easily be cracked, putting about 7.6 million existing AT&T customer accounts at risk of hacking. AT&T was forced to reset its customer account passwords after TechCrunch alerted the company to the researcher’s findings.
One big mystery remains: AT&T still doesn’t know how the data was leaked or where it came from.
Change Healthcare hackers stole medical data for a “significant percentage” of people in America
In 2022, the US Department of Justice sued health insurance giant UnitedHealth Group to block its attempted takeover of health tech giant Change Healthcare, fearing that the deal would give the healthcare group broad access to about “half of Americans’ health insurance claims” each year. The bid to block the deal ultimately failed. Then, two years later, something much worse happened: Change Healthcare was breached by a prolific ransomware gang. Its enormous banks of sensitive health data were stolen because one of the company’s critical systems was not protected by multi-factor authentication.
The lengthy downtime caused by the cyberattack lasted for weeks, causing widespread outages at hospitals, pharmacies and healthcare practices across the United States. However, the impact of the data breach has yet to be fully realized, although the consequences for those affected are likely to be irreversible. UnitedHealth says the stolen data — which it paid hackers to obtain a copy of — includes the personal, medical and billing information for a “significant percentage” of people in the United States.
UnitedHealth has not yet given a number on how many people were affected by the breach. The health giant’s chief executive, Andrew Witty, told lawmakers that the breach could affect about a third of Americans, and possibly more. For now, it’s just a question of how many hundreds of millions of people in the US are affected.
The ransomware attack on Synnovis caused widespread outages at hospitals across London
A cyber attack in June on Synnovis, a UK pathology laboratory that tests blood and tissue for hospitals and health services across the UK capital, caused widespread disruption to patient services for weeks. Local NHS trusts that rely on the lab suspended thousands of operations and procedures after the hack, prompting a critical incident declaration across the UK health sector.
A Russia-based ransomware gang was blamed for the cyberattack, which saw the theft of data related to approximately 300 million patient interactions dating back a “significant number” of years. Like the Change Healthcare data breach, the consequences for those affected are likely to be significant and long-lasting.
Some of the data was already published online in an attempt to blackmail the lab into paying a ransom. Synnovis reportedly refused to pay the hackers’ $50 million ransom, preventing the gang from benefiting from the hack but leaving the British government scrambling for a plan in case the hackers release millions of health records online.
One of the NHS trusts that runs five hospitals across London affected by the outage allegedly failed to meet data security standards as required by the UK health service in the years leading up to the June cyber attack on Synnovis.
Ticketmaster had 560 million records stolen in the Snowflake hack
A series of data thefts from cloud data giant Snowflake quickly turned into one of the biggest breaches of the year, thanks to the massive amounts of data stolen from its enterprise customers.
Cybercriminals stole hundreds of millions of customer records from some of the world’s largest companies — including an alleged 560 million records from Ticketmaster, 79 million records from Advance Auto Parts and approximately 30 million records from TEG — using the stolen credentials of data engineers with access to their employers’ Snowflake environments. For its part, Snowflake does not require its customers to use (or enforce) a security feature that protects against hacks based on stolen or reused passwords.
Incident response firm Mandiant said about 165 Snowflake customers had data stolen from their accounts, in some cases a “significant amount of customer data.” Only a handful of the 165 companies have so far confirmed their environments were compromised; the confirmed thefts also include tens of thousands of employee records from Neiman Marcus and Santander Bank, and millions of student records from the Los Angeles Unified School District. Expect many more Snowflake customers to come forward.