We're halfway through 2024, but this year has already seen some of the largest and most damaging data breaches in recent history. And just when you thought these hacks couldn't get any worse, they do.
From untold amounts of personal customer information being scraped, stolen and posted online to the mass theft of medical data covering most people in the United States, the worst data breaches to date in 2024 have already seen at least a billion records stolen and counting. These breaches not only impact the individuals whose data has been irretrievably compromised, but they also embolden criminals who profit from malicious cyberattacks.
Take a journey with us into the not-too-distant past to see how some of the biggest security incidents of 2024 happened, what impact they had, and in some cases, how they could have been prevented.
Mysterious AT&T data leak exposes 73 million customer accounts
Nearly three years after hackers published samples of allegedly stolen AT&T customer data, a data leak broker published the full cache of 73 million customer records online for anyone to see on a popular cybercrime forum in March. The exposed data contained personal customer information, including names, phone numbers, and zip codes, and some customers confirmed that the data was accurate.
But it wasn't until a security researcher discovered that the leaked data included encrypted passcodes used to access customers' AT&T accounts that the telecommunications giant took action. At the time, the security researcher told TechCrunch that the encrypted passcodes were easily cracked, putting approximately 7.6 million existing AT&T customer accounts at risk of being compromised. After TechCrunch reported the researcher's findings to the company, AT&T forced a reset of customer account passcodes.
One big mystery remains: AT&T still doesn't know how the data was leaked or where it came from.
Change Healthcare hackers stole medical data from a “significant percentage” of Americans
In 2022, the US Department of Justice sued health insurance giant UnitedHealth Group to block its acquisition of health tech giant Change Healthcare, fearing that the acquisition would give the health care conglomerate broad access to “roughly half of all Americans' health insurance claims” each year. The attempt to block the acquisition ultimately failed. And two years later, something even worse happened: Change Healthcare was hacked by a gang that heavily uses ransomware. One of the company's critical systems wasn't protected by multi-factor authentication, leading to the theft of an all-purpose bank of sensitive medical data.
The cyberattack caused weeks of extended downtime and widespread power outages at hospitals, pharmacies and healthcare facilities across the U.S. But while the full impact of the data breach is not yet clear, the effects on those affected are likely to be irreversible. UnitedHealth said the stolen data, which it paid hackers to obtain a copy of, included personal, medical and billing information for a “significant proportion” of Americans.
UnitedHealth has not yet released figures on how many individuals were affected by the breach. The health care giant's CEO, Andrew Witty, told lawmakers that the breach affected about a third of Americans, and that the number could be higher. For now, the question is how many hundreds of millions of people in the US are affected.
Synnovis ransomware attack causes widespread outages at hospitals across London
In June, a cyber attack hit the UK pathology lab Synnovis, a blood and tissue testing laboratory serving hospitals and the health service in the UK capital, causing widespread disruption to patient services for several weeks. A local National Health Service trust that relies on the lab postponed thousands of surgeries and procedures after the hack, and a major incident was declared across the UK healthcare sector.
The cyberattack, which involved the theft of data on around 300 million patient interactions going back many years, was allegedly carried out by a Russia-based ransomware gang and, as with the Change Healthcare data breach, the impacts on those affected are likely to be severe and lifelong.
Some of the data had already been published online in an attempt to force the lab to pay a ransom. Synnovis reportedly refused to pay the hackers' $50 million ransom, preventing them from profiting from the hack, but the UK government is scrambling to figure out what to do if hackers post millions of medical records online.
One of the NHS trusts that runs five hospitals across London affected by the outage reportedly had not met data security standards required by the UK Health Service for several years leading up to the Synnovis cyberattack in June.
Ticketmaster allegedly had 560 million records stolen in Snowflake hack
A series of data thefts at cloud data giant Snowflake has quickly escalated into one of the biggest data breaches this year, with massive amounts of data stolen from corporate customers.
Cybercriminals used stolen credentials from a data engineer with access to their employer's Snowflake environment to steal hundreds of millions of customer records from some of the world's largest companies, including 560 million records from Ticketmaster, 79 million from Advance Auto Parts, and nearly 30 million from TEG. Snowflake, for its part, did not require its customers to use, or enforce the use of, security features that would have prevented intrusions using stolen or reused passwords.
Incident response firm Mandiant said data was stolen from the accounts of about 165 Snowflake customers, including in some cases “significant amounts of customer data.” Of the 165, only a few have admitted so far that their environments were compromised, including tens of thousands of employee records from Neiman Marcus and Santander Bank, and millions of student records from the Los Angeles Unified School District. Many of Snowflake's customers are expected to come forward.