Summarize

Simplifying... Inshort

In 2024, data breaches skyrocketed, compromising over a billion records.
Major incidents included a cyberattack on AT&T, exposing 110 million customer records and another in March revealing 73 million more.
Health tech firm Change Healthcare and UK's Synnovis Lab also fell victim, affecting a significant number of Americans and disrupting UK patient services.

Was a long read? Making it simpler...

Next Article

AT&T and Disney are among major victims of data breaches in 2024

Data breaches soar in 2024: Over 1 billion records compromised

By Akash Pandey

Jul 18, 2024

11:36 am

What's the story

The year 2024 has been marked by some of the most severe data breaches in recent history, with cybercrimes compromising over a billion records. These attacks have not only exposed the personal information of countless individuals but also emboldened cybercriminals who profit from such malicious activities. Telecommunications company AT&T confirmed two separate data breaches this year, impacting nearly all its customers and numerous non-customers. Disney has also suffered a data breach, with over 1TB of data stolen from the company.

July breach

AT&T's massive data breach: 110 million customers affected

In July, cybercriminals managed to steal a significant amount of data containing phone numbers and call records of approximately 110 million AT&T customers. This data was not directly taken from AT&T's systems but was stolen from an account the company had with data giant Snowflake. The stolen metadata reveals who called whom and when, potentially indicating approximate locations. The breach also exposed phone numbers of non-customers who were contacted by AT&T customers during that period.

March compromise

March breach: 73 million AT&T customer records exposed

Earlier in March, a data breach broker dumped online a full cache of 73 million customer records. This exposed personal information such as names, mobile numbers, and postal addresses. A security researcher discovered that the leaked data contained encrypted passcodes for accessing AT&T customer accounts, which could be easily deciphered. This discovery put approximately 7.6 million existing AT&T customer accounts at risk of being hijacked, prompting AT&T to force-reset its customers' account passcodes.

Healthcare attack

Change Healthcare falls victim to ransomware attack

In another significant breach, health tech giant Change Healthcare was targeted by a ransomware gang due to the absence of multi-factor authentication on one of its critical systems. The stolen data includes personal, medical, and billing information on a "substantial proportion" of people in the United States. United Health's chief executive, Andrew Witty, suggested that the breach might affect around one-third of Americans.

UK breach

UK's Synnovis Lab cyberattack disrupts patient services

In the UK, a cyberattack on pathology lab Synnovis caused significant disruption to patient services for several weeks. The local National Health Service trusts had to postpone thousands of operations and procedures following the hack. A Russia-based ransomware gang was blamed for the cyberattack, which resulted in the theft of data related to some 300 million patient interactions dating back several years.