Connect with us

Technology

Biggest Data Breaches of 2024: 1 Billion Records Stolen and Growing

Published

on

We’re already halfway through 2024, and already this yr we have seen some of the biggest, most damaging data breaches in recent memory. And just while you think some of these hacks couldn’t get any worse, they do occur.

From vast troves of customer personal data which were stolen, stolen and posted online, to tons of medical records regarding most individuals within the United States which were stolen, the worst data breaches of 2024 have already surpassed not less than 1 billion stolen records, and this number is growing. These breaches not only affect individuals whose data has been irretrievably exposed, but in addition embolden criminals who take advantage of their malicious cyberattacks.

Travel with us to the recent past to see how the largest security incidents of 2024 occurred, what their impact was, and in some cases, how they might have been prevented.

Advertisement

Mysterious AT&T data breach exposes 73 million customer accounts

About three years after a hacker released a printed sample of allegedly stolen AT&T customer data, the info breach broker in March put its entire cache of 73 million customer records online on a distinguished cybercrime forum for anyone to see. The data published included customers’ personal information, including names, telephone numbers and mailing addresses, and some customers confirmed that their details were accurate.

However, the telecom giant only took motion after a security researcher discovered that the leaked data included encrypted passwords used to access the client’s AT&T account. A security researcher told TechCrunch on the time that encrypted passwords may very well be easily decrypted, putting roughly 7.6 million existing AT&T customer accounts in danger of being compromised. AT&T forced password resets on its customer accounts after TechCrunch notified the corporate of the researcher’s findings.

One big mystery stays unsolved: AT&T still doesn’t understand how the info was leaked or where it got here from.

Change Healthcare hackers stole medical data from a “significant portion” of people in America

In 2022, the U.S. Department of Justice sued medical health insurance giant UnitedHealth Group to dam its attempted takeover of health tech giant Change Healthcare, fearing that the transaction would give the healthcare conglomerate broad access to about “half of all Americans’ health insurance claims” annually. The try to block the transaction ultimately failed. Then, two years later, something much worse happened: An influential ransomware gang hacked Change Healthcare; its massive banks of sensitive health data were stolen because one of the corporate’s key systems wasn’t protected with multi-factor authentication.

Advertisement

The cyberattack’s lengthy outages dragged on for weeks, causing widespread disruptions to hospitals, pharmacies and healthcare facilities across the United States. But the complete impact of the info breach has yet to be realized, although the implications for those affected are more likely to be irreversible. UnitedHealth says the stolen data — which it paid hackers to repeat — includes personal, medical and billing information for a “significant portion” of people within the United States.

UnitedHealth has not yet said how many individuals were affected by the breach. The health giant’s CEO, Andrew Witty, told lawmakers that the breach could affect a few third of Americans, and potentially more. For now, it says it only affects tons of of hundreds of thousands of people within the U.S.

The Synnovis ransomware attack caused widespread outages in hospitals across London

A June cyberattack on UK pathology laboratory Synnovis – a blood and tissue testing laboratory for hospitals and healthcare facilities across the UK – caused widespread disruption to patient services for weeks. Local National Health Service trusts that depend on the laboratory postponed 1000’s of surgeries and procedures after the breach, prompting the declaration of a critical incident within the UK health sector.

The cyberattack was blamed on a Russian-based ransomware gang that led to theft of data related to roughly 300 million patient interactions from a “significant number” of years ago. As with the Change Healthcare data breach, the implications for those affected are more likely to be significant and lasting.

Advertisement

Some of the info has already been published online to be able to force the laboratory to pay a ransom. Synnovis apparently refused to pay the hackers a ransom of $50 millionstopping the gang from cashing in on the break-in but leaving it UK government searching for plan in case hackers put hundreds of thousands of medical records online.

One of the NHS trusts that manages five hospitals in London affected by the outages reportedly failed to fulfill data security standards required by the NHS before the June cyberattack on Synnovis.

560 million records were allegedly stolen within the Snowflake Ticketmaster hack

A series of data thefts from cloud data giant Snowflake quickly was one of the largest breaches of the yr, with massive amounts of data stolen from corporate customers.

Cybercriminals have stolen tons of of hundreds of thousands of customer data from some of the world’s largest corporations, including alleged 560 million records from Ticketmaster, 79 million records from Advance Auto Parts and roughly 30 million records from TEG – using stolen credentials of data engineers with access to their employers’ Snowflake environments. Snowflake, for its part, doesn’t require (or force) its customers to make use of a security feature that protects against hacks that depend on stolen or reused passwords.

Advertisement

Incident response firm Mandiant said about 165 Snowflake customers had their accounts stolen, and in some cases, “a significant amount of customer data.” So far, only a handful of the 165 corporations have confirmed that their environments were breached, which also includes tens of 1000’s of worker data from Neiman Marcus AND Bank SantanderAND (*1*)hundreds of thousands of Los Angeles Unified School District student recordsYou can expect many Snowflake customers to come back forward.

This article was originally published on : techcrunch.com

Technology

Anysphere, which makes the cursor supposedly collect USD 900 million with a valuation of USD 9 billion

Published

on

By

AI robot face and programming code on a black background.

Anysphere, producer of coding cursor with AI drive, attracted $ 900 million in the recent financing round by Thrive Capital, Financial Times He informed, citing anonymous sources familiar with the contract.

The report said that Andreessen Horowitz (A16Z) and ACCEL also participate in the round, which values ​​about $ 9 billion.

The cursor collected $ 105 million from Thrive, and A16Z with a valuation of $ 2.5 billion, as TechCrunch said in December. Capital Thrive also led this round and in addition participated in A16Z. According to Crunchbase data, the startup has collected over $ 173 million thus far.

Advertisement

It is alleged that investors, including index ventures and a reference point, attempt to support the company, but plainly existing investors don’t want to miss the opportunity to support it.

Other coding start-ups powered by artificial intelligence also attract the interest of investors. Techcrunch announced in February that Windsurf, a rival for Aklesphere, talked about collecting funds at a valuation of $ 3 billion. Openai, an investor in Anysphere, was supposedly I’m attempting to get windsurf for about the same value.

(Tagstransate) A16Z

(*9*)This article was originally published on : techcrunch.com

Continue Reading

Technology

This is the shipping of products from China to the USA

Published

on

By

Shein and Temu icons are seen displayed on a phone screen in this illustration photo

The Chinese retailer has modified the strategy in the face of American tariffs.

Thanks to the executive ordinance, President Donald Trump ended the so -called de minimis principle, which allowed goods value 800 USD or less entering the country without tariffs. It also increases tariffs to Chinese goods by over 100%, forcing each Chinese firms and Shein, in addition to American giants, similar to Amazon to adapt plans and price increases.

CNBC reports that this was also affected, and American buyers see “import fees” from 130% to 150% added to their accounts. Now, nevertheless, the company is not sending the goods directly from China to the United States. Instead, it only displays the offers of products available in American warehouses, while goods sent from China are listed as outside the warehouse.

Advertisement

“He actively recruits American sellers to join the platform,” said the spokesman ago. “The transfer is to help local sellers reach more customers and develop their companies.”

(tagstotransate) tariffs

This article was originally published on : techcrunch.com
Continue Reading

Technology

One of the last AI Google models is worse in terms of safety

Published

on

By

The Google Gemini generative AI logo on a smartphone.

The recently released Google AI model is worse in some security tests than its predecessor, in line with the company’s internal comparative test.

IN Technical report Google, published this week, reveals that his Flash Gemini 2.5 model is more likely that he generates a text that violates its security guidelines than Gemini 2.0 Flash. In two indicators “text security for text” and “image security to the text”, Flash Gemini 2.5 will withdraw 4.1% and 9.6% respectively.

Text safety for the text measures how often the model violates Google guidelines, making an allowance for the prompt, while image security to the text assesses how close the model adheres to those boundaries after displaying the monitors using the image. Both tests are automated, not supervised by man.

Advertisement

In an e-mail, Google spokesman confirmed that Gemini 2.5 Flash “performs worse in terms of text safety for text and image.”

These surprising comparative results appear when AI is passing in order that their models are more acceptable – in other words, less often refuse to answer controversial or sensitive. In the case of the latest Llam Meta models, he said that he fought models in order to not support “some views on others” and answers to more “debated” political hints. Opeli said at the starting of this yr that he would improve future models, in order to not adopt an editorial attitude and offers many prospects on controversial topics.

Sometimes these efforts were refundable. TechCrunch announced on Monday that the default CHATGPT OPENAI power supply model allowed juvenile to generate erotic conversations. Opeli blamed his behavior for a “mistake”.

According to Google Technical Report, Gemini 2.5 Flash, which is still in view, follows instructions more faithfully than Gemini 2.0 Flash, including instructions exceeding problematic lines. The company claims that regression might be partially attributed to false positives, but in addition admits that Gemini 2.5 Flash sometimes generates “content of violation” when it is clearly asked.

Advertisement

TechCrunch event

Berkeley, California
|.
June 5

Book now

Advertisement

“Of course, there is a tension between (after instructions) on sensitive topics and violations of security policy, which is reflected in our assessment,” we read in the report.

The results from Meepmap, reference, which can examine how models react to sensitive and controversial hints, also suggest that Flash Gemini 2.5 is much less willing to refuse to reply controversial questions than Flash Gemini 2.0. Testing the TechCrunch model through the AI ​​OpenRoutter platform has shown that he unsuccessfully writes essays to support human artificial intelligence judges, weakening the protection of due protection in the US and the implementation of universal government supervisory programs.

Thomas Woodside, co -founder of the Secure AI Project, said that the limited details given by Google in their technical report show the need for greater transparency in testing models.

“There is a compromise between the instruction support and the observation of politics, because some users may ask for content that would violate the rules,” said Woodside Techcrunch. “In this case, the latest Flash model Google warns the instructions more, while breaking more. Google does not present many details about specific cases in which the rules have been violated, although they claim that they are not serious. Not knowing more, independent analysts are difficult to know if there is a problem.”

Advertisement

Google was already under fire for his models of security reporting practices.

The company took weeks to publish a technical report for the most talented model, Gemini 2.5 Pro. When the report was finally published, it initially omitted the key details of the security tests.

On Monday, Google published a more detailed report with additional security information.

(Tagstotransate) Gemini

Advertisement
This article was originally published on : techcrunch.com
Continue Reading
Advertisement

OUR NEWSLETTER

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Trending