According to TechCrunch, this year has seen some of the most damaging data breaches in history. In 2024 alone, hackers stole billions of personal records, and it’s almost guaranteed your data is among those stolen records. Let’s look at this year’s record-breaking attacks and what you need to know about protecting your information.
1. National Public Data (2 Billion-Plus Records)
What happened: In December 2023, hackers accessed the systems of National Public Data, a background-check company. In April, 2.7 billion records with highly sensitive data for 170 million people were leaked onto the dark web.
Who is exposed: The stolen data includes records for people in the US, Canada and the UK.
Compromised data: 2 billion-plus records containing full names, current and past addresses, Social Security numbers, dates of birth and phone numbers.
2. Change Healthcare: (38 Million Records)
What happened: In February, the UnitedHealth-owned tech firm Change Healthcare was hacked by a Russian ransomware gang that gained access through systems unprotected by multifactor authentication. The attack caused widespread downtime for health care institutions across the US and compromised data for many, many Americans. UnitedHealth paid $22 million to prevent data leaks, but another hacker group claimed to still have some of the stolen Change Healthcare data.
Who is exposed: Estimated data exposure for one-third of the American population (likely more).
Compromised data: Payment information, Social Security numbers and medical data, including test results, diagnoses and images.
- AT&T (Hacked TWICE)
What happened: In March, hackers released data for more than 73 million past and existing AT&T customers going back to 2019. Then, in July, data was stolen from an AT&T account the company had with data giant Snowflake (more on that below). Reportedly, AT&T paid a ransom to the hackers to delete the data. However, if this data is leaked, it could expose the data of anyone called by AT&T customers, including noncustomers.
Who is exposed: 110 million-plus past and current customers and, potentially, noncustomers.
Compromised data: Personal information, including Social Security numbers and phone numbers.
3. Synnovis (300 Million Patient Interactions)
What happened: In June, a UK pathology lab, Synnovis, was attacked by a Russian ransomware gang. The attack resulted in widespread outages in health institutions across London. Reportedly, Synnovis refused to pay the $50 million ransom.
Who is exposed: Past and existing patients in the UK.
Compromised data: 300 million patient interactions, including blood test results for HIV and cancer, going back many years.
4. Snowflake (600 Million-Plus Records And Growing)
What happened: In May, cloud data giant Snowflake announced a system breach caused by stolen employee credentials. Hundreds of millions of customer records were stolen from Snowflake customers, including 560 million from Ticketmaster, 79 million from Advance Auto Parts and 30 million from TEG.
Who is exposed: Millions of customers from many of Snowflake’s 165 corporate customers, including those mentioned above, plus Neiman Marcus, Santander Bank, Los Angeles Unified School District and many more.
Compromised data: Customer records.
How To Protect Yourself
You can’t stop companies from getting hacked. However, you can prevent the situation from worsening for YOU by taking a few extra steps to protect your data. Here’s what to do:
- Review your health-related communications: With so many breaches affecting health institutions this year, pay attention to your statement of benefits and look for services you didn’t receive. If you spot something fishy, tell your health care provider and insurance company right away.
- Freeze your credit: This will stop criminals from opening a credit card or loan in your name.
- Update your log-in credentials: If you know what accounts were hacked, change your credential, and also change the credentials to major accounts like your bank. Set up alerts too, so you’re immediately aware of any unusual activity.
- Be wary of e-mails: After a breach, hackers access all kinds of information and may use that to send fraudulent e-mails. Slow down, read carefully and verify requests before taking any action.