December 2024 - Main Article:
Hackers Are Targeting Small Construction Companies and Other Invoice-Heavy Businesses
This Year’s Most Significant Data Breaches
TechCrunch reports that 2024 has been a landmark year for data breaches, with hackers stealing billions of personal records. Chances are that your data might be among those compromised. Here’s a look at the most notable attacks this year and steps you can take to protect your information.
- National Public Data (2 billion-Plus Records)
- What happened: In December 2023, hackers infiltrated National Public Data, a background-check company. By April, 2.7 billion records containing sensitive information for 170 million individuals were leaked on the dark web.
- Who is exposed: Individuals in the US, Canada, and the UK.
- Compromised data: Full names, current and past addresses, Social Security numbers, dates of birth, and phone numbers.
- Change Healthcare (38 million Records)
- What happened: In February, a Russian ransomware gang exploited weak security at UnitedHealth-owned Change Healthcare. The breach caused downtime in US healthcare institutions and compromised personal data. UnitedHealth paid $22 million to mitigate leaks, but some stolen data remains in hackers' hands.
- Who is exposed: Approximately one-third of the US population, potentially more.
- Compromised data: Payment information, Social Security numbers, medical test results, diagnoses, and images.
- AT&T (Two Breaches)
- What happened: In March, hackers released data from over 73 million AT&T customers dating back to 2019. Another breach occurred in July when hackers accessed AT&T data through its account with Snowflake. AT&T reportedly paid a ransom, but the data could still be leaked.
- Who is exposed: Over 110 million past and current customers, and potentially noncustomers.
- Compromised data: Social Security numbers, phone numbers, and personal details.
- Synnovis (300 million Patient Interactions)
- What happened: In June, Russian ransomware attackers targeted Synnovis, a UK pathology lab. The breach caused disruptions in London’s healthcare services. Synnovis refused to pay the $50 million ransom.
- Who is exposed: Past and current UK patients.
- Compromised data: Blood test results for conditions like HIV and cancer, spanning years of patient records.
- Snowflake (600 million-Plus Records)
- What happened: In May, Snowflake disclosed a breach caused by stolen employee credentials. Data stolen included 560 million records from Ticketmaster, 79 million from Advance Auto Parts, and 30 million from TEG.
- Who is exposed: Customers of Snowflake’s 165 corporate clients, including Ticketmaster, Neiman Marcus, Santander Bank, and others.
- Compromised data: Customer records.
How to Protect Yourself
While you can’t stop companies from being hacked, you can minimize your risks with these steps:
- Review health-related communications: Look for unfamiliar services in your statements of benefits. Report suspicious activity to your healthcare provider and insurer immediately.
- Freeze your credit: This prevents criminals from opening credit accounts in your name.
- Update your credentials: Change passwords for breached accounts and major accounts like banks. Enable alerts to monitor unusual activity.
- Be cautious with emails: After breaches, hackers often send fraudulent emails. Verify requests before acting and read messages carefully.