The Top Data Breaches of 2024 (Updated)

2024 has been a wake-up call for businesses as cyber threats grow and become more challenging and expensive to deal with than ever before.  

What makes matters worse for businesses is the increasing number of threat actors leveraging ransomware-as-a-service and aiming for the most sensitive information assets. In the first half of 2024 alone, the data of 1 billion (precisely, 1.07 billion) people was exposed.

Let us take a look at some of the largest data breaches of 2024 (so far).

1. Ivanti VPN  

When did it happen? 

January 2024 

What happened? 

Hackers targeted Ivanti’s popular VPN service by exploiting two zero-day vulnerabilities in it, compromising thousands of devices.

Impact  

This massive exploitation had a significant negative impact on renowned agencies in cybersecurity, including CISA (Cybersecurity and Infrastructure Security Agency) and MITRE. 

  • Massive exploitation globally of widely used Ivanti VPN  
  • Operational disruption in renowned government agencies  

2. SOHO routers

When did it happen? 

February 2024 

What happened? 

China-based hackers that go by the name of Volt Typhoon (as per the FBI) hacked hundreds of small office/home office (SOHO) routers deployed across the United States, specifically in organizations that fall under United States critical infrastructure. The hackers were planning a massive disruption with a botnet attack through the compromised devices, which comprised routers that had reached end-of-life status and were infected with KV Botnet malware.

Impact  

The hacker group targeted multiple critical infrastructure organizations, including energy, water, and communication providers with hundreds of SOHO routers compromised.  

  • Posed a critical threat to the delivery of essential services  
  • Many devices were susceptible to re-infection despite neutralization by the FBI

3. United Health  

When did it happen? 

February 2024 

What happened? 

Change Healthcare, which provides solutions to the healthcare industry, was targeted by Russian ransomware groups, namely Blackcat and Alphv. The attack on Change Healthcare is one of the biggest attacks of 2024, having caused a loss of $872 million to the company United Health in Q1 of 2024.   

Impact  

The attack impacted the services of more than 90% of healthcare service providers, exposing sensitive patient data, including images, diagnosis-related data, medicines, test-related data, and treatment information.

  • The company paid a $22 million ransom 
  • Exposure of sensitive patient data  
  • Cashflows of $3 billion were impacted  
  • Impacted the operation of more than 90% of pharmacies and hospitals in the US  

4. International Monetary Fund 

When did it happen? 

February 2024 

What happened? 

The International Monetary Fund became a victim of a massive breach of 11 internal email accounts. The breach was contained with the assistance of independent experts, who helped in resecuring the compromised email addresses.       

Impact  

  • If not contained, it would have enabled threat actors to steal data from the IMF and the related 190 member countries 
  • The breach posed a significant threat of espionage by state-sponsored attacks  

5. United Nations 

When did it happen? 

March 2024 

What happened? 

The 8base ransomware group targeted the United Nations Development Program, affecting its operations and stealing data of people associated with it and its programs. The attackers used Phobos ransomware to infect systems, decrypt files, steal data, and publish the data to their website, including data of more than 350 victims.

Impact  

The group stole and published sensitive data, including personal data, certificates, contracts, and invoices.  

  • It caused severe reputational damage to the United Nations
  • The compromised sensitive data includes that of some of the UN’s top executives

6. XZ Utils  

When did it happen? 

March 2024 

What happened? 

Threat actors created a secret backdoor after years of trying to find a way into the security of a popular compression tool for Linux, XZ Utils.  

As per experts, the CVSS 10-rated vulnerability could have caused massive supply chain attacks globally had it not been discovered early.

Impact  

The vulnerability was a result of a hacker/hackers trying to find a secret backdoor. It could have severely impacted millions of Linux-based systems globally.  

  • High risk of the exploitation of the vulnerability leading to global supply chain attacks 

7. Fujitsu

When did it happen? 

March 2024 

What happened? 

Attackers targeted Fujitsu, the world’s sixth largest IT services provider, which serves public and private entities and has more than 124,000 employees worldwide. The attackers stole personal information of customers and people related to the company. The attack was orchestrated using malware for the exfiltration of data.

Impact  

The company suffered a massive compromise of data containing the personal information of stakeholders like customers and partners.  

  • Loss of sensitive data, including personal information.  

8. Cannes Simone Veil Hospital Center / Broussailles Hospital

When did it happen? 

April 2024 

What happened? 

Simone Veil Hospital Center became a victim of a ransomware attack by the infamous ransomware group LockBit. The hospital renders essential services such as obstetrics, emergency care, and pediatrics. It had to revert to pen and paper for some processes.

Impact

Since the hospital was reliant on digital systems for carrying out its administrative and healthcare operations, the attack severely impeded a major part of its operations.

  • 61.7GB of sensitive data was compromised and published on a data leak site on the dark web 
  • Cannes canceled a third of all their non-emergency services  
  • The hospital was forced to go back to pen and paper-based operations 

9. Local Governments  

When did it happen? 

April 2024 

What happened? 

Multiple counties have become a target of ransomware attacks in the first half of 2024 – Robeson County (NC), Hernando (Fla), Jackson County (MO), and Wichita, Kansas. The attacks caused massive disruption in online services, including transport ticketing, utilities, and payment networks. 

Impact  

The attack disrupted multiple services across different counties, especially in the delivery of essential services.  

  • Massive disruption in essential public services 
  • Possibility of exposure of sensitive data of the counties’ citizens 

10. Ticketmaster 

When did it happen?  

Occurred between April and May, disclosed in May 2024 

What happened? 

Ticketmaster was breached by a hacking group named ShinyHunters. The group stole payment and other details of 40 million users.

Impact

560 million records of 40 million users were stolen

11. Microsoft Executive Accounts

When did it happen? 

June 2024 

What happened? 

Midnight Blizzard, a ransomware group previously connected to Russian intelligence and behind the infamous SolarWinds attack, targeted Microsoft.

Attackers stole the email accounts of some of its top executives, including those from the cybersecurity and legal teams, by exploiting the lack of MFA on legacy accounts.

Impact  

The attackers were able to leverage the accounts of some of the top executives, disrupting multiple federal agencies. 

  • The attack impacted multiple federal agencies 
  • The attackers exfiltrated all the correspondence between FCEB agencies  

12. WazirX 

When did it happen? 

July 2024 

What happened? 

WazirX, an Indian cryptocurrency exchange, was targeted by a cybercriminal group suspected to be from North Korea that exploited a vulnerability in its multi-signature wallet.

Impact  

Loss of over $230 million of investor funds

13. Toyota

When did it happen? 

August 2024 

What happened? 

Toyota’s data was stolen and published on a data breach forum on the dark web by a cybercriminal that went by the name ZeroSevenGroup. 

Impact 

Over 250GB of customer and employee data, including emails, photos, and finance details.

14. Fortinet 

When did it happen? 

September 2024 

What happened? 

Reputed security vendor Fortinet lost the data of 800,000 customers after cybercriminals gained unauthorized access to its SharePoint through exploitation of its third-party systems.

Impact 

Data of around 800,000 customers was compromised 

15. The Internet Archive 

When did it happen?  

October 2024 

What happened? 

The Internet Archive, one of the world’s biggest digital libraries, suffered multiple data breaches in October that severely impacted its availability. It lost the data of millions of its users. 

Impact  

  • The Internet Archive’s website faced a temporary shutdown due to a DDoS attack 
  • Data including usernames, password hashes, and email addresses of 31 million users were compromised  

16. Starbucks 

When did it happen? 

November  

What happened? 

Starbucks faced a major disruption due to a ransomware attack, carried out by the Termite ransomware group using Babuk ransomware, on supply chain technology provider Blue Yonder. The attack also affected other companies relying on Blue Yonder, including BIC and Morrisons.

Impact

Starbucks faced disruption in its functions, like payroll and scheduling, and lost data, including databases, 16,000 email entries, insurance reports, and 200,000+ files.

Other notable data breaches 

  • Data breach at global software provider CDK in June – it had to shut down its systems, impacting its customers worldwide
  • The attack on Ascension in May – the healthcare system of 140 hospitals across 19 states was forced to shift emergency care in some hospitals
  • NullBulge, a hacker group, leaked 1.2 TB of Disney’s information from its Slack platform, including messages, confidential information, and files, in July

To summarize  

We have seen some massive data breaches in 2024 that disrupted operations, damaged reputation, and caused financial loss to businesses. To fend off threats, they must proactively identify the gaps in their security, step up their defenses with industry best practices, and improve awareness at different levels. 
