We, unfortunately, live in a time where everything from your social security number to banking details can be stolen in the blink of an eye. It’s called 2024, and cybercriminals are having a field day. From healthcare giants to ticketing behemoths, no sector seems safe from the relentless onslaught of data breaches. Let’s dive into some of the most jaw-dropping cyber incidents that have rocked the digital world so far this year:

AT&T Data Breaches

AT&T is a leading telecommunications company in the United States, and as such, a prime candidate for cyber attacks. Criminals are drawn to an abundance of valuable customer data ranging from social security numbers to residential addresses. Both those types of information, along with full names, email addresses, and dates of birth were recently revealed to have been stolen by an online group known as ShinyHunters.

Over 70 million accounts are affected, leaving customers scrambling to find out whether they’re part of that large, unlucky bunch. The breach, initially denied by AT&T in 2021, was finally acknowledged in March 2024 after the data resurfaced on a hacking forum. The delay in disclosure raises serious questions about AT&T’s transparency and incident response protocols.

Unfortunately, this isn’t the first time AT&T has been in hot water over cybersecurity, either.

In 2015, the company incurred a $25 million fine from the FCC after call center employees in Mexico, Colombia, and the Philippines were found to have accessed and sold the personal information of nearly 280,000 U.S. customers.

Evolve Bank Data Breach

Evolve Bank & Trust is a self-purported “best-in-class technology-focused financial services organization and Banking-as-a-Service (“BaaS”) provider”. Yet even its infrastructure was unable to ward off an attack launched this past July. 7.6 million people within the company’s client base – which includes notable start-ups like Affirm and Mercury – saw their personal information compromised by hackers. When Evolve declined to pay a ransom, the assailants published that data on the dark web.

There isn’t any evidence of customer funds being accessed as a result of the attack, and the bank has promised to make up for the threat of identity theft with 24 months of free credit monitoring and identity protection services.

Hack Against Change Healthcare

In a country with a healthcare system already fraught with fraud, price gouging, and bureaucratic inefficiencies, the Change Healthcare hack dealt a devastating blow. Millions of Americans suddenly found their most sensitive medical information exposed to cybercriminals. The breach not only compromised patient privacy but also disrupted critical healthcare services nationwide.

The fallout was immediate and far-reaching. Hospitals struggled to process claims, pharmacies couldn’t fill prescriptions, and patients faced delays in receiving vital treatments. The healthcare industry, already strained by the chronic effects of the COVID-19 pandemic, was pushed to the brink of collapse.

What’s particularly alarming is the sheer scale of the breach. With data on a “substantial proportion” of U.S. citizens compromised, the potential for identity theft, medical fraud, and blackmail is unprecedented. Cybersecurity experts warn that the stolen information could be exploited for years to come, creating a long-lasting nightmare for affected individuals.

The most painful thing about this cyberattack is that it was foreseen and forewarned. The United States Justice Department recognized the broad data exposure UnitedHealth Group’s acquisition of Change Healthcare would cause two years ago – but its effort to blog the merger failed.

Synnovis Ransomware Attack

Taking things overseas to the United Kingdom, that country’s healthcare system also recently experienced a significant disruption. London-based pathology lab Synnovis was targeted by a Russian ransomware gang that ended up stealing data related to roughly 300 million patient interactions from the last number of years. The June 3rd incident is significant not only because of the volume of information accessed but also because of its impact on the National Health Service (NHS). The cyberattack caused widespread disruption, forcing thousands of operations and procedures to be postponed across London hospitals.

The hackers demanded a staggering $50 million ransom, which Synnovis refused to pay. While this decision prevented the criminals from profiting directly, it left the U.K. government in a precarious position. Officials scrambled to develop a contingency plan in case millions of sensitive health records were released online.

Repercussions of Snowflake Hack on Ticketmaster, Advance Auto Parts, and TEG

2024 was a big year for the cybercrime group ShinyHunters, which, in addition to its attack on AT&T, levied a devastating attack on Ticketmaster through the Snowflake data breach. The hackers managed to access an astounding 560 million customer records, making it one of the largest data breaches in history. This incident exposed sensitive information including names, addresses, phone numbers, and email addresses of Ticketmaster’s vast customer base.

The breach not only compromised customer privacy but also raised serious concerns about the security measures employed by major corporations. Ticketmaster, a household name in event ticketing, now faces a crisis of trust and potential legal repercussions. Yet it’s just one of about 165 companies to have been affected by the Snowflake breach. Advance Auto Parts and TEG are also working to quell the reputational damage caused by their respective losses of 79 million and 30 million customer records.

MediSecure Data Breach

To finish down under, we have the MediSecure data breach. It sent shockwaves through Australia’s healthcare system in April 2024. The federal government is now leading an investigation into what happened and why – although one thing we do know is that the incident impacted nearly half of Australia’s population. 12.9 million people currently stare down the prospect of identity theft and exploitation for simply entrusting what was once the most widely-used prescription distributor in the country. MediSecure has since declared insolvency.

While the impacts of these data breaches are massive and shocking, what’s even scarier is the fact that 2024 isn’t over yet. Hackers have shown that they’re always working to undermine the digital infrastructure we rely on every day. No one is safe, but at the same time, no one is defenseless. This should serve as a reminder of the importance of being mindful about where you share your personal information – even if the other party promises it will be kept safe. 

At TeraDact, we understand the evolving threat landscape and are dedicated to helping businesses protect their data. Our advanced solutions provide the tools you need to safeguard sensitive information and stay one step ahead of cybercriminals. Learn more about how TeraDact can help secure your digital assets at www.teradact.com.