Source: Vector choice - URS Preferred Partner

TechCrunch Report: Major Data Breaches in 2024 and How to Protect Yourself

This year has witnessed some of the most severe data breaches in history, with billions of personal records exposed in 2024 alone. It’s highly likely that your data has been affected. Below, we review the most significant breaches of the year and offer essential tips to safeguard your information.

1. National Public Data (Over 2 Billion Records Compromised)

Incident Summary:
In December 2023, hackers infiltrated the systems of National Public Data, a background-check company. By April 2024, 2.7 billion highly sensitive records associated with 170 million individuals were leaked on the dark web.

Affected Individuals:
People in the United States, Canada, and the United Kingdom.

Exposed Information:
Full names, current and previous addresses, Social Security numbers, birthdates, and phone numbers.

2. Change Healthcare (38 Million Records Compromised)

Incident Summary:
In February 2024, Change Healthcare, a tech subsidiary of UnitedHealth, fell victim to a ransomware attack orchestrated by a Russian hacking group. The attackers exploited systems lacking multifactor authentication, causing widespread disruptions in U.S. healthcare services. Despite UnitedHealth paying $22 million to prevent leaks, another hacker group claims to possess some of the stolen data.

Affected Individuals:
Approximately one-third of the American population.

Exposed Information:
Payment details, Social Security numbers, and sensitive medical data, including test results, diagnoses, and imaging records.

3. AT&T (Two Separate Attacks)

Incident Summary:
In March 2024, hackers leaked data for over 73 million AT&T customers dating back to 2019. In July, a second breach occurred when attackers accessed an AT&T account linked to the data management platform Snowflake. AT&T reportedly paid a ransom to prevent further exposure, but if leaked, the data could impact noncustomers who interacted with AT&T customers.

Affected Individuals:
Over 110 million current and former customers, with potential risks extending to noncustomers.

Exposed Information:
Personal details, including Social Security numbers and phone numbers.

4. Synnovis (300 Million Patient Records Compromised)

Incident Summary:
In June 2024, Russian cybercriminals targeted Synnovis, a UK-based pathology lab, resulting in significant disruptions to healthcare services in London. Synnovis refused the $50 million ransom demand, leaving sensitive data vulnerable.

Affected Individuals:
Former and current patients across the United Kingdom.

Exposed Information:
Data from 300 million patient interactions, including diagnostic results for conditions like HIV and cancer.

5. Snowflake (600 Million+ Records Compromised)

Incident Summary:
In May 2024, a breach at Snowflake, a leading cloud data company, stemmed from stolen employee credentials. The incident affected numerous corporate clients, including Ticketmaster, Advance Auto Parts, and TEG, with hundreds of millions of customer records stolen.

Affected Individuals:
Millions of customers across Snowflake’s 165 corporate clients, including organizations like Neiman Marcus, Santander Bank, and Los Angeles Unified School District.

Exposed Information:
Customer records from various industries.

Protecting Yourself from Data Breaches

While you can’t control corporate data breaches, you can take proactive measures to minimize potential harm. Follow these steps to safeguard your personal information:

1. Monitor Your Healthcare Records:
   Given the high number of healthcare-related breaches this year, carefully review your medical statements and benefits summaries. If you notice unfamiliar services or charges, contact your healthcare provider and insurer immediately.

2. Freeze Your Credit:
   Placing a freeze on your credit prevents unauthorized parties from opening loans or credit cards in your name. This step is a powerful way to protect yourself from identity theft.

3. Strengthen Your Account Security:
   If you know your accounts have been compromised, update your passwords immediately. Extend this practice to critical accounts, such as banking or financial services. Enable account alerts to get instant notifications about unusual activity.

4. Stay Cautious with Emails:
   Hackers often use stolen information to craft convincing phishing emails. Always verify the sender, scrutinize the content, and avoid acting on suspicious requests without thorough verification.

Taking these precautions can help you reduce the impact of data breaches and better protect your personal information.