The year 2024 has already seen a surge in major data breaches, with some of the largest and most damaging incidents in recent history. These breaches have far-reaching consequences, impacting not only the individuals whose data is exposed but also empowering cybercriminals to profit from their malicious activities.
One of the most significant breaches occurred at AT&T, a telecoms giant. In July, it was revealed that cybercriminals had stolen a vast amount of data, including phone numbers and call records, from almost all of AT&T’s customers over a six-month period in 2022. The data was not directly taken from AT&T’s systems but from an account it had with data giant Snowflake. This breach is particularly concerning because it not only affects AT&T customers but also includes the phone numbers of non-customers who were contacted by AT&T customers during that time. The exposure of this data could be dangerous, especially for individuals at higher risk, such as survivors of domestic abuse.
This was not the only data breach that AT&T experienced in 2024. In March, a data breach broker leaked 73 million customer records online, including personal information such as names, phone numbers, and addresses. Initially, it seemed like a standard data breach. However, it was later discovered that the exposed data contained encrypted passcodes used to access AT&T customer accounts. These passcodes could be easily unscrambled, putting 7.6 million customer accounts at risk of hijacking. AT&T took action and reset its customers’ account passcodes but still does not know how the data leaked or where it came from.
Another major breach in 2024 involved Change Healthcare, a health insurance giant. Change Healthcare suffered a ransomware attack that resulted in the theft of sensitive health data. This breach had severe consequences, causing widespread outages at hospitals, pharmacies, and healthcare practices across the United States. The stolen data, which UnitedHealth Group paid the hackers to obtain a copy of, includes personal, medical, and billing information for a substantial proportion of people in the United States. The exact number of affected individuals is still unknown, but it is estimated to be in the hundreds of millions, if not more.
In the United Kingdom, Synnovis, a pathology lab responsible for blood and tissue testing for hospitals, fell victim to a cyberattack. The attack, attributed to a Russian-based ransomware gang, led to widespread disruption of patient services for weeks. The hackers stole data related to 300 million patient interactions spanning several years. Some of this data was published online in an attempt to extort a ransom from Synnovis. Although the lab refused to pay, the incident raised concerns about the security standards of the NHS trusts that relied on Synnovis’s services.
Snowflake, a cloud data giant, experienced a series of data thefts that culminated in one of the largest breaches of the year. Cybercriminals targeted Snowflake’s corporate customers, stealing hundreds of millions of customer data records from major companies such as Ticketmaster, Advance Auto Parts, and TEG. The thieves gained access to Snowflake environments by using stolen credentials from data engineers. Interestingly, Snowflake did not enforce its customers to use a security feature that could have prevented such intrusions. Incident response firm Mandiant reported that around 165 Snowflake customers had their data stolen, with some companies losing a significant volume of customer data.
These major data breaches of 2024 highlight the ongoing challenges faced by organizations in protecting sensitive information. They serve as a stark reminder that no company is immune to cyber threats and that robust security measures are crucial. As technology advances, it becomes even more critical for businesses to prioritize data security and invest in comprehensive cybersecurity strategies. Failure to do so can result in devastating consequences for both individuals and organizations alike.