According
to TechCrunch, this year has seen some of the most damaging data
breaches in history. In 2024 alone, hackers stole billions of personal records,
and it's almost guaranteed your data is among those stolen records. Let's look
at this year's record-breaking attacks and what you need to know about
protecting your information.
1. National Public Data (2 Billion-Plus Records)
What happened: In
December 2023, hackers accessed the systems of National Public Data, a
background-check company. In April, 2.7 billion records with highly sensitive
data for 170 million people were leaked onto the dark web.
Who is exposed: The
stolen data includes records for people in the US, Canada, and the UK.
Compromised data: 2
billion-plus records containing full names, current and past addresses, Social
Security numbers, dates of birth,h and phone numbers.
2. Change Healthcare: (38 Million Records)
What happened: In
February, the UnitedHealth-owned tech firm Change Healthcare was hacked by a
Russian ransomware gang that gained access through systems unprotected by
multifactor authentication. The attack caused widespread downtime for health
care institutions across the US and compromised data for many, many Americans. UnitedHealth paid $22
million to prevent data leaks, but another hacker group claimed to still have
some of the stolen Change Healthcare data.
Who is exposed: Estimated
data exposure for one-third of the American population (likely more).
Compromised data: Payment
information, Social Security numbers, and
medical data, including test results, diagnoses, and images.
3. AT&T (Hacked TWICE)
What happened: In March,
hackers released data for more than 73 million past and existing AT&T
customers going back to 2019. Then, in July, data was stolen from an AT&T
account the company had with data giant Snowflake (more on that below).
Reportedly, AT&T paid a ransom to the hackers to delete the data. However,
if this data is leaked, it could expose the data of anyone called by AT&T
customers, including noncustomers.
Who is exposed: 110
million-plus past and current customers and, potentially, noncustomers.
Compromised data: Personal
information, including Social Security numbers and phone numbers.
4. Synnovis (300 Million Patient Interactions)
What happened: In June,
a UK pathology lab, Synnovis, was attacked by a Russian ransomware gang. The
attack resulted in widespread outages in health institutions across London.
Reportedly, Synnovis refused to pay the $50 million ransom.
Who is exposed: Past and
existing patients in the UK.
Compromised data: 300
million patient interactions, including blood test results for HIV and cancer,
going back many years.
5. Snowflake (600 Million-Plus Records And Growing)
What happened: In May,
cloud data giant Snowflake announced a system breach caused by stolen employee
credentials. Hundreds of millions of customer records were stolen from
Snowflake customers, including 560 million from Ticketmaster, 79 million from
Advance Auto Parts, and 30 million from TEG.
Who is exposed: Millions
of customers from many of Snowflake's 165 corporate customers, including those
mentioned above, plus Neiman Marcus, Santander Bank, Los Angeles Unified School
District and many more.
Compromised data: Customer
records.
How To Protect Yourself
You can't
stop companies from getting hacked. However, you can prevent the situation from
worsening for YOU by taking a few extra steps to protect your data. Here's what
to do:
Review
your health-related communications: With so many breaches affecting
health institutions this year, pay attention to your statement of benefits and
look for services you didn't receive. If you spot something fishy, tell your
healthcare provider and insurance company right away.
Freeze
your credit: This will stop criminals from opening a credit card or loan in
your name.
Update
your log-in credentials: If you know what accounts were hacked, change
your credentials, and also change the credentials to major accounts like your
bank. Set up alerts too, so you're immediately aware of any unusual activity.
Be wary of
e-mails: After a breach, hackers access all kinds of information and may
use that to send fraudulent e-mails. Slow down, read carefully and verify
requests before taking any action.
