Biggest data breach in 2024: 1 billion records stolen and rising

We’re almost at the end of 2024, a year that will go down as having seen some of the biggest, most damaging data breaches in recent history. And just when you think some of these hacks can’t get any worse, they do.
From large stores of personal customer information being stolen and dumped online, to troves of medical data covering the majority of people in the United States being stolen, the worst data breaches of 2024 surpassed one billion stolen records and counting. These breaches not only affect the people whose data is irretrievably exposed, but also embolden the criminals who profit from their malicious cyber attacks.
Take a trip back in time with us to see how some of the biggest security events of 2024 went down, their impact, and in some cases, how they could have been stopped.
AT&T’s data breach affects “almost all” of its customers, and many other non-customers.
For AT&T, 2024 was the worst year for data protection. The telecommunications giant has confirmed not one, but two separate data breaches in just a few months.
In July, AT&T said hackers stole a database containing the phone numbers and call records of “almost all” of its customers, or about 110 million people, over a six-month period in 2022 and in some cases longer. The data wasn’t stolen directly from AT&T’s systems, but from an account with data giant Snowflake (more on that later).
Although the stolen AT&T data is not public (and one report suggests that AT&T paid hackers a ransom to remove the stolen data) and the data itself does not contain the content of calls or text messages, the “metadata” still reveals who called whom and when, and in some cases the data can be used to infer approximate locations. Worse, the data includes phone numbers of non-customers who were called by AT&T customers during that time. That data becoming public can be harmful to vulnerable people, such as survivors of domestic abuse.
That was AT&T’s second data breach this year. In early March, a data breach broker dumped online the entire archive of 73 million customer records on a popular cybercrime forum for anyone to see, three years after a very small sample was leaked online.
The published data included customers’ personal information, including names, phone numbers and mailing addresses, and other customers confirmed that their data was accurate.
But it wasn’t until a security researcher discovered that the exposed data contained encrypted passcodes used to access a customer’s AT&T account that the telecommunications giant took action. A security researcher told TechCrunch at the time that the encrypted passcodes could be easily deciphered, putting about 7.6 million existing AT&T customer accounts at risk of being hacked. AT&T force-reset its customers’ account passwords after TechCrunch alerted the company to the researcher’s findings.
One big mystery remains: AT&T still doesn’t know how the data leaked or where it came from.
Change Healthcare hackers stole medical data from “a large portion” of Americans
In 2022, the US Department of Justice sued health insurance giant UnitedHealth Group to block its efforts to buy health technology giant Change Healthcare, fearing the deal would give the health care conglomerate broad access to nearly “half of all American health insurance claims” each year. The bid to block the deal ultimately failed. Then two years later, something terrible happened: Change Healthcare was hacked by a powerful ransomware gang; its large banks of sensitive health information were stolen because one of the company’s sensitive systems was not protected by multi-factor authentication.
The outage caused by the cyberattack lasted for weeks, causing widespread outages in hospitals, pharmacies and healthcare practices across the United States. But the impact of the data breach has not yet been fully realized, although the consequences for those affected may be irreversible. UnitedHealth says the stolen data — which it paid hackers to obtain a copy of — included personal, medical and billing information on “a large number” of people in the United States.
UnitedHealth has yet to put a number on how many people were affected by the breach. The health company’s chief executive, Andrew Witty, told lawmakers that the breach could affect one-third of Americans, and more. For now, it’s just a question of how many hundreds of millions of people in the US are affected.
The Synnovis ransomware attack caused evacuations from hospitals across London
The June cyberattack on UK pathology lab Synnovis – a blood and tissue testing lab for hospitals and health services in the UK capital – caused ongoing disruption to patient services for weeks. Local National Health Service trusts that rely on the lab postponed thousands of operations and procedures following the hack, which has been declared a critical incident for the entire UK health sector.
A Russia-based gang has been blamed for the cyberattack, which saw the theft of data related to about 300 million patient transactions dating back “a large number” of years. As with the data breach at Change Healthcare, the consequences for those affected can be profound and lifelong.
Some data has already been published online in an attempt to trick the lab into paying a ransom. Synnovis reportedly refused to pay the hackers $50 million, preventing the gang from profiting from the hack but leaving the UK government scrambling for a strategy in case hackers put millions of health records online.
One of the NHS trusts that runs five hospitals across London affected by the emergency had reportedly failed to meet data security standards as required by the UK’s health service in the years leading up to the June cyberattack on Synnovis.
Ticketmaster claims 560 million records stolen in Snowflake hack
A series of data thefts from cloud data server Snowflake quickly snowballed into one of the biggest breaches of the year, due to the amount of data stolen from its corporate customers.
Cybercriminals have swiped hundreds of millions of customer records from some of the world’s biggest companies – including an alleged 560 million records from Ticketmaster, 79 million records from Advance Auto Parts and about 30 million records from TEG – by using stolen credentials of data engineers who have access to their employer’s Snowflake environments. For its part, Snowflake does not require (or enforce) that its customers use the security feature, which protects against hacked or reused passwords.
Incident response firm Mandiant said about 165 Snowflake customers had data stolen from their accounts, in some cases “massive customer data.” Only a handful of the 165 companies have confirmed so far that their sites are at risk, including tens of thousands of employee records from Neiman Marcus and Santander Bank, and millions of student records from the Los Angeles Unified School District. Expect more Snowflake customers to come forward.
(Dis)honorable mentions
Cencora notifies more than a million and counting that it lost their data:
US pharmaceutical giant Cencora has disclosed a data breach in February that involved the corruption of patient health data, information that Cencora obtained through partnerships with drugmakers. Cencora has steadfastly refused to say how many people have been affected, but a TechCrunch count shows that more than a million people have been notified so far. Cencora claims to have served more than 18 million patients to date.
MediSecure data breach affects part of Australia:
About 13 million people in Australia – nearly half the country’s population – had their personal and health data stolen in a ransomware attack on prescription provider MediSecure in April. MediSecure, which distributed prescriptions to most Australians until the end of 2023, announced it had gone out of business immediately after a major theft of customer data.
Kaiser has shared health data on millions of patients with advertisers:
US health insurance giant Kaiser disclosed the data breach in April after it shared the private health information of 13.4 million patients, mostly website search terms about diagnoses and medications, with technology companies and advertisers. Kaiser said it used their tracking code for website analytics. The health insurance provider disclosed the incident after several telehealth startups, such as Cerebral, Monument and Tempest, admitted they also shared data with advertisers.
The USPS shared postal addresses with tech giants, too:
Then it was the US Postal Service’s turn to be caught sharing the postal addresses of logged-in users with advertisers such as Meta, LinkedIn and Snap, using the same tracking code provided by the companies. The USPS removed the tracking code from its website after TechCrunch notified the postal service in July of improper data sharing, but the agency would not say how many people had the data collected. USPS has more than 62 million Informed Delivery users as of March 2024.
The Evolve Bank data breach affected fintech and startup customers:
A ransomware attack targeting Evolve Bank saw the personal information of more than 7.6 million people stolen by hackers in July. Evolve is a banking giant that specializes in fintech companies and startups, such as Affirm and Mercury. As a result, many people notified of the data breach had never heard of Evolve Bank, let alone had a relationship with the firm, before its cyber attack.
National Public Data goes bankrupt after millions of SSNs were stolen
The company behind data broker National Public Data filed for Chapter 11 bankruptcy protection in October, months after a massive data breach exposed about 3 billion records affecting about 270 million people, according to various analyses by security researchers. The data broker allowed its paying customers access to its huge database of names, birthdays, email and postal addresses, phone numbers, and Social Security numbers (even if not all the data was accurate). The company said it had to file for bankruptcy because it could no longer make money to deal with a flood of class-action lawsuits and mounting debt from federal and state regulators.
It was first published on June 28 and updated on October 14.