Connect with us

Technology

Biggest data breaches of 2024: 1 billion records stolen and counting

Published

on

The end of 2024 is approaching – a yr that can go down in history as one of the most important and most damaging data breaches in recent history. And just once you think some of these hacks couldn’t get any worse, they do.

From vast troves of customer personal data that were stolen, stolen, and published online, to tons of medical records referring to most individuals within the United States that were stolen, the worst data breaches in 2024 have surpassed 1 billion stolen records and counting. These breaches not only affect individuals whose data has been irretrievably exposed, but in addition embolden criminals who benefit from their malicious cyberattacks.

Travel with us into the recent past to see how some of the largest security incidents of 2024 happened, what their impact was and, in some cases, they might have been stopped.

AT&T’s data breaches affect “almost all” of its customers and many more non-customers

For AT&T, 2024 was a really bad yr for data security. The telecommunications giant confirmed not one, but two separate data breaches inside just a few months of one another.

In July, AT&T said cybercriminals had stolen a data cache containing the phone numbers and call records of “almost all” of its customers, or about 110 million people, over a six-month period in 2022 and in some cases longer. The data wasn’t stolen directly from AT&T’s systems, but from an account she had with data giant Snowflake (more on that later).

Although the stolen AT&T data is just not public (i.e one report suggests that AT&T paid a ransom to hackers to delete stolen data), and the data itself doesn’t contain the content of calls or text messages, the “metadata” still reveals who called whom and when, and in some cases the data will be used to find out approximate location. Worse still, the data includes the phone numbers of non-customers that AT&T customers called during that point. Making data public could also be dangerous for people belonging to the next risk group, e.g. individuals who have experienced domestic violence.

This was AT&T’s second data breach this yr. In early March, the data breach broker placed a full cache of 73 million customer records online on a distinguished cybercrime forum for anyone to see, about three years after a much smaller sample appeared online.

The data published included customers’ personal information, including names, telephone numbers and postal addresses, and some customers confirmed that their details were accurate.

However, the telecom giant only took motion after a security researcher discovered that the leaked data included encrypted passwords used to access the shopper’s AT&T account. A security researcher told TechCrunch on the time that encrypted passwords may very well be easily decrypted, putting roughly 7.6 million existing AT&T customer accounts in danger of being compromised. AT&T forced password resets on its customer accounts after TechCrunch alerted the corporate to the researcher’s findings.

One big mystery stays: AT&T still doesn’t know the way the data leaked or where it got here from.

Hackers from Change Healthcare stole medical data from a “significant portion” of the American population

In 2022, the US Department of Justice sued medical health insurance giant UnitedHealth Group to dam its attempted takeover of health tech giant Change Healthcare, fearing that the deal would give the healthcare conglomerate broad access to about “half of all Americans’ health insurance claims” every year. The try and block the transaction ultimately failed. Then, two years later, something much worse happened: an influential ransomware gang hacked Change Healthcare; its massive banks of sensitive health data were stolen because one of the corporate’s key systems was not protected by multi-factor authentication.

Long outages brought on by the cyberattack continued for weeks, causing widespread outages at hospitals, pharmacies and doctor’s offices across the United States. However, the consequences of a data breach will not be yet fully understood, although the results for those affected will likely be irreversible. UnitedHealth says the stolen data – which it paid hackers to repeat – includes personal, medical and billing information for a “significant portion” of U.S. residents.

UnitedHealth has not yet released the number of people affected by the breach. The health care giant’s chief executive, Andrew Witty, told lawmakers the breach could affect a couple of third of Americans, and potentially more. For now, the purpose is that it only affects lots of of thousands and thousands of people within the US.

The Synnovis ransomware attack caused widespread outages in hospitals across London

A June cyberattack on British pathology laboratory Synnovis – a blood and tissue testing laboratory for hospitals and healthcare facilities across the UK capital – caused widespread disruption to patient services for weeks. Local National Health Service trusts that depend on the laboratory postponed hundreds of surgeries and procedures after the breach, prompting the declaration of a critical incident within the UK health sector.

A Russian ransomware gang was blamed for the cyberattack theft of data related to roughly 300 million patient interactions from a “significant number” of years ago. As with the Change Healthcare data breach, the results for those affected are more likely to be significant and lasting.

Some of the data has already been published online in an try and force the lab to pay a ransom. According to Synnovis reports refused to pay the hackers a ransom of $50 millionstopping the gang from making the most of the break-in, but leaving it behind the UK government is working on a plan in case hackers put thousands and thousands of medical records online.

One of the affected NHS trusts, which runs five hospitals across London, reportedly failed to fulfill data security standards required by the NHS within the years leading as much as the June cyber attack on Synnovis.

560 million records were allegedly stolen within the Snowflake Ticketmaster hack

A series of data thefts from cloud data giant Snowflake quickly escalated into one of the largest breaches of the yr, with massive amounts of data stolen from corporate customers.

Cybercriminals have stolen lots of of thousands and thousands of customer data from some of the world’s largest corporations, including: alleged 560 million records from Ticketmaster, 79 million records from Advance Auto Parts and roughly 30 million records from TEG – using stolen credentials of data engineers with access to their employers’ Snowflake environments. For its part, Snowflake doesn’t require (or force) its customers to make use of a security feature that protects against hacks involving stolen or reused passwords.

Incident response firm Mandiant said about 165 Snowflake customers had their data stolen and, in some cases, “significant amounts of customer data.” So far, only a handful of 165 corporations have confirmed that their environments were breached, which also includes tens of hundreds of worker data from Neiman Marcus AND Bank SantanderAND (*1*)thousands and thousands of records about Los Angeles Unified School District students. Expect lots of Snowflake customers to come back forward.

(Im)honorable mentions

Cencora notifies over 1,000,000 and still counts that it has lost their data:

US pharmaceutical giant Cencora disclosed a February data breach involving compromise of patient health data. Cencora obtained this information through cooperation with drug manufacturers. Cencora steadfastly refuses to say how many individuals have been affected, but TechCrunch calculations show that well over 1,000,000 people have been notified up to now. Cencora says it has served greater than 18 million patients up to now.

MediSecure data breach affects half of Australia:

Nearly 13 million people in Australia – roughly half the country’s population – have had their personal and health information stolen ransomware attack on prescription drug supplier MediSecure in April. MediSecure, which was distributing prescriptions to most Australians by the tip of 2023, declared insolvency shortly after the large theft of customer data.

Kaiser has made the health data of thousands and thousands of patients available to advertisers:

U.S. medical health insurance giant Kaiser disclosed a data breach in April after it inadvertently shared the private health information of 13.4 million patients, particularly search terms on web sites about diagnoses and medications, with technology corporations and advertisers. Kaiser stated that it used their tracking code for website analytics. The medical health insurance provider disclosed the incident within the wake of several other telehealth startups corresponding to Cerebral, Monument and Tempest admitting that they, too, had shared data with advertisers.

USPS also shared its mailing address with tech giants:

Then got here the U.S. Postal Service, which was caught sharing logged-in users’ mailing addresses with advertisers like Meta, LinkedIn and Snap, using the same tracking code provided by those corporations. USPS removed the tracking code from its website after TechCrunch alerted the Postal Service in July to the improper sharing of data, however the agency didn’t say how many individuals collected the data. As of March 2024, USPS has over 62 million Informed Delivery users.

Evolve Bank data breach affected fintech clients and startups:

In July, cybercriminals stole the private data of over 7.6 million people in a ransomware attack against Evolve Bank. Evolve is a banking services giant that mainly serves fintech corporations and startups corresponding to Affirm and Mercury. As a result, many individuals notified in regards to the data breach had never heard of Evolve Bank, let alone interacted with the corporate, before the cyberattack.

National public records bankrupt after thousands and thousands of SSNs stolen

The company behind data broker National Public Data filed for Chapter 11 bankruptcy protection in October, based on various analyzes by security researchers, months after an enormous data breach exposed about three billion records referring to roughly 270 million people. The data broker allowed its paying customers access to extensive databases containing names, dates of birth, email and postal addresses, phone numbers and social security numbers (even when not all of the data was accurate). The company said it needed to file for bankruptcy since it could now not generate enough revenue to deal with the deluge of class motion lawsuits and growing liability from state and federal regulators.

.

This article was originally published on : techcrunch.com
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

World of Warcraft turns 20 years old

Published

on

By

Blizzard Entertainment first released World of Warcraft in November 2004, so The New York Times celebrated an anniversary describing how 20 years later we will still see the influence of online multiplayer role-playing games.

First, while multiplayer games and early social networks like MySpace already existed, WoW provided an actual preview of a future where anyone could connect with friends and strangers on the (*20*). Second, the sport made billions of dollars on a business model that combined monthly subscriptions with in-game purchases (including pets and animals that players could ride), becoming a large money cow for Blizzard and paving the way in which for future online business models.

The game also appeared immortal memesattracted celebrity fans and suggested epidemiologists argue that an incident involving the uncontrolled spread of a fantasy disease could possibly be investigated to realize insight into real-world epidemics.

Other than that, I didn’t think the movie was that bad.

This article was originally published on : techcrunch.com
Continue Reading

Technology

Exploration Company is raising $160 million to create Europe’s answer to SpaceX Dragon

Published

on

By

Nyx orbital vehicle The Exploration Company

Only two firms currently deliver cargo to and from the International Space Station, and each are based within the United States. Exploration Companywhich operates in Germany, France and Italy, wants to change that: it has just closed a big round of financing to proceed its mission to construct Europe’s first reusable space capsule.

The $160 million Series B round will fund further development of the Nyx spacecraft, which is able to find a way to carry 3,000 kilograms of cargo to Earth and back. The company, founded three years ago by aerospace engineers Hélène Huby, Sebastien Reichstat and Pierre Vine, goals to conduct Nyx’s maiden flight to and from the ISS in 2028.

“We are the first company in the world where, for the first time, it is funded primarily by private investors,” Huby said in a recent interview. This contrasts with SpaceX’s Dragon capsule, which it said was “primarily funded by NASA.”

With the brand new financing, led by Balderton Capital and Plural, the startup’s total funding now stands at over $208 million. Bessemer Venture Partners, NGP Capital and two European sovereign funds, French Tech Souveraineté and DeepTech & Climate Fonds, also participated within the Series B.

“We have managed to deliver on the promises we have made over the last three years,” Huby said. “We were able to hit our cash target every quarter… Investors could see that we were basically able to deliver on time, on cost and with quality.”

The startup has partnered with the European Space Agency (ESA), which has recognized the necessity to support indigenous space launch and transportation capabilities. Earlier this 12 months, Exploration Company was awarded a research contract value roughly €25 million ($27 million) to develop cargo return services. This contract will run until 2026, after which additional competitive contracts are expected to follow. ESA’s goal is to launch no less than one capsule to the ISS in 2028.

The structure of the contract, called the LEO Cargo Return Service Contract, is similar to the NASA Commercial Orbital Return Transportation Services program, which the agency launched in 2006. This program resulted in multi-billion-dollar transportation contracts with SpaceX and Orbital Sciences Corporation (now Northrop Grumman).

It’s a promising start, but equally promising is the potential The Exploration Company sees on the industrial side. About 90% of the startup’s $770 million order book comes from private station developers Vast, Axiom Space and Starlab, according to the most recent reports.

The first Exploration Company demonstration vehicle was launched this summer on the maiden flight of Ariane 6, but it surely was not deployed due to an issue with the rocket’s upper stage. A second, smaller-scale demonstration mission, called Mission Could, is scheduled to launch aboard a SpaceX Falcon 9 next 12 months.

“I really respect what SpaceX has accomplished,” Huby said. “We try to get the most out of it, we are inspired by what they achieved. However, we also believe that the world needs more competition and we want to build an alternative step by step. We are very aware that we are late, that we are much smaller, etc., but we have to start.”

This article was originally published on : techcrunch.com
Continue Reading

Technology

Dissatisfied X users switch to Bluesky

Published

on

By

Welcome back to the week in review. This week, we discuss the large surge in Bluesky users, Elon Musk co-heading Trump’s “Department of Government Efficiency,” and Mark Zuckerberg’s latest foray into extreme wife-male behavior. Let’s go.

Bluesky is experiencing significant growth as X users dissatisfied with the platform’s latest political decisions move to a rival social network. The decentralized social media platform has grown to over 16 million users, including Swifties. If you are making a change – or no less than want to see if the grass is greener (or bluer) on the opposite side of the road – we have put together a guide on how to start.

Tesla’s Cybertruck faces sixth recall in the course of the 12 months, affecting 2,431 units. Tesla’s report shows that these trucks are or were equipped with a faulty inverter. Unlike the October Cybertruck recall, which might be resolved with an over-the-air update, Tesla will need to physically replace the recalled inverters for this batch. The electric vehicle maker said it could do it without cost.

Elon Musk will co-chair with President-elect Donald Trump Department of Government Effectiveness, whose acronym refers to Musk’s favorite cryptocurrency. Musk, together with biotech entrepreneur and former presidential candidate Vivek Ramaswamy, will lead the department to help the Trump administration “dismantle government bureaucracy, cut excess regulation, slash wasteful spending and restructure federal agencies.”



News

Image credits:Album cover with a canopy of Mark Zuckerberg’s “Get Low” with T-Pain

Mark Zuckerberg 🤝 T-Pain: Mark Zuckerberg commissioned T-Pain to write and record an acoustic cover of Lil Jon and The East Side Boyz’s “Get Low” as a present to his wife Priscilla Chan. Please note that he actually sings the infamous “to the window, to the wall” lyric. Read more

Standing desks usually are not as healthy as you think that: Apologies to standing desk users, but a brand new study has found that standing for greater than two hours a day doesn’t protect against the chance of heart problems and really increases the chance of circulatory problems. Read more

Talk to Tuah dating coach: Social media star Haliey Welch launched Pookie Tools, an AI-powered dating advice app for Gen Z singles. The app’s chatbot helps you write conversation starters, and one other tool predicts whether a possible match is lying about your height. Read more

The author took home $200 million: The generative artificial intelligence startup raised $200 million at a $1.9 billion valuation to expand its platform. CEO May Habib says the brand new funding will probably be used for product development and “consolidating the company’s leadership in the enterprise generative AI category.” Read more

Amazon fights against Temu: To higher compete with highly popular competitors Temu and Shein, Amazon launched the Amazon Haul store, offering discounted and mass-produced products, most of that are shipped from China. Read more

Just Eat sells Grubhub: The Dutch food delivery company sells Grubhub to Wonder Group in a deal valued at $650 million. That’s 91% lower than the $7.3 billion Just Eat Takeaway paid the corporate just 4 years ago. Read more

SBF is coming to the large screen: Lena Dunham is working with Apple and A24 on an adaptation of Michael Lewis’s book “Going Infinite,” which chronicles the lifetime of Sam Bankman-Fried and the implosion of FTX. Now I ponder who will probably be solid as SBF… Read more

Get ready for more AI video mistakes: InVideo launches an AI-powered generative video creation feature that enables users to use prompts to create videos in a wide range of styles, including live-action, animated, or anime. Read more

Apple Wall Mount Tablet: Apple is reportedly planning to release a tablet that might be mounted on a wall, control smart home appliances and make video calls in March 2025. The device will, in fact, be equipped with Apple Intelligence technology. Read more

Ads appear on Perplexity: An AI-powered search engine is experimenting with promoting. Ads on the positioning will initially run within the US and will probably be formatted as “sponsored follow-up questions” from partners including Indeed, Whole Foods, Universal McCann and PMG. Read more

You can now play Hot Cross Buns in your phone: The latest Artinoise product is a new edition of the classic plastic recorder. The portable device might be connected to any smartphone, tablet or PC equipped with a USB-C port, effectively transforming it right into a musical instrument. Read more

This article was originally published on : techcrunch.com
Continue Reading
Advertisement

OUR NEWSLETTER

Subscribe Us To Receive Our Latest News Directly In Your Inbox!

We don’t spam! Read our privacy policy for more info.

Trending