The Five Largest Data Breaches of 2024 (So Far)

Data breaches are always a potential problem. They can cause all types of problems inside your business and can even cause strife should your customers need to be notified. In today’s blog, we thought we would review some of the largest and most noteworthy breaches in 2024.

We like to put together lists from time to time just to give perspective to the growing concern that is cybersecurity. According to Cybersecurity Magazine, the total cost of cybercrime is projected to be upwards of $9 trillion in 2024, growing to over $10 trillion in 2025. To give some context, that is more than all but two nations' Gross Domestic Product (GDP). So, to say that it is a major problem is basically an understatement. 

Before we get into the list, we should note that 2024 saw the costliest technology outage in history. The CrowdStrike update that affected Microsoft operating systems cost companies over $5 billion. While that is not a data breach, it just shows how serious technology troubles can be.

National Public Data

2.7 billion records

Let’s start with the big one. Just a few weeks ago, a hacking group claimed that they have stolen 2.7 billion personal records. This includes virtually every person in the United States, Canada, and the United Kingdom. The data includes American social security numbers.

They published portions of the stolen data on the darkweb, and while experts are still analyzing how accurate and complete the information is (there are only about half a billion people between the the US, Canada, and UK), but it’s pretty likely that most social security numbers have been compromised, if not all of them.

The good news? Well, since everyone has been hacked, we are all sort of in the same boat. Now everyone needs to spend more effort paying attention to their accounts, their credit, and their online identity. Freezing your credit is a good step in the right direction, and getting in the habit of unfreezing your account when signing up for a new loan or credit card will probably be the best practice moving forward.

Ticketmaster

560 million records

The 2024 Ticketmaster data breach exposed millions of customers' personal and financial information. Cybercriminals gained unauthorized access to Ticketmaster’s database in April and May, stealing sensitive data such as names, email addresses, phone numbers, and payment information. This breach highlighted the company’s security infrastructure vulnerabilities, leading to consumer concerns. The impact on the company was immediate, with customers reporting unauthorized transactions and having their identities stolen. This was just one issue that caused the U.S. Justice Department to sue Ticketmaster’s parent company, Live Nation, for anti-competitive behavior. 

Change Healthcare

145 million records

In February 2024, Change Healthcare experienced a significant data breach due to a ransomware attack. The attack compromised the sensitive personal information of millions of individuals, making it one of the largest healthcare breaches in history. Exposed data included names, addresses, Social Security numbers, medical records, and other sensitive information. The breach had a widespread impact on patients, healthcare providers, and insurance companies, and many healthcare providers are rethinking their overall security strategies. 

Dell

49 million records

In May 2024, Dell’s systems were infiltrated by users through a brute force attack after a hacker that goes by the name Menelik gained access to one of their resellers' client portals. The breach exposed sensitive data, including names, email addresses, payment details, and account information. It raised serious concerns about the company's cybersecurity measures, prompting Dell to issue a public apology and commit to improving their security protocols to protect customer data more effectively. The incident has also led to increased scrutiny from regulators and potential legal challenges as the full impact of the breach continues to unfold.

AT&T

73 million records

Hackers infiltrated AT&T's systems, compromising the personal data of some 73 million current and former customers, including sensitive information such as Social Security numbers, account numbers, and passcodes. The biggest revelation was that the breached data dates back to 2019 or earlier and was discovered on the dark web in mid-March 2024. This breach marks the latest in a series of cyberattacks against AT&T, following a 2023 incident that impacted nine million users. AT&T has launched an investigation to contain the malware while keeping current customers' systems operational. Due to this breach, the company now faces the potential threat of multiple class action lawsuits.

You may not have millions of customers like these companies, but you can fall victim to a cyberattack all the same. You need to do what you can to protect your network. Some of the best ways to accomplish this are by implementing security measures that work to protect your network, training your employees about password best practices and how to avoid phishing attacks, and ensuring that you have an active cybersecurity strategy in place.

The IT security professionals at Indevtech can help you manage your cybersecurity. To learn more, call us today at (808) 529-4605.