Data breaches kept increasing in 2024, so bad in the health care sector that it prompted changes to regulation in the United State

January 6, 2025 |

With the end of 2024 there has been a compiling of data breaches in 2024. It makes for sombre reading. According to Proven Data the biggest data breaches in the United States were:

National Public Data breach.

  • Records compromised: 2.7-3 billion
  • Scope: Affected individuals in the United States, Canada, and the United Kingdom
  • Key details: Included social security numbers, names, addresses, and other personal information

Ticketmaster data breach

  • Records compromised: 560 million
  • Key details: Exposed personal and financial information, including names, email addresses, phone numbers, and payment details

Change Healthcare ransomware attack

  • Records compromised: Approximately 145 million
  • Scope: Potentially affecting one-third of Americans
  • Key details: Exposed personal, medical, and billing information through a ransomware attack

AT&T data breach

  • Records compromised: 73 million
  • Key details: Exposed customer data, including Social Security numbers, account numbers, and passcodes

Snowflake Cloud data breaches

  • Total records: Over 165 customer environments were compromised
  • Notable victims:
    • Ticketmaster: Up to 560 million customer records exposed
    • Santander Bank: 30 million customer records compromised
    • AT&T: Call and text records spanning multiple months
    • Advance Auto Parts: Over 2.3 million individuals were affected, with sensitive job application data exposed

In December alone the significant data breaches were:

1. SRP Federal Credit Union Breach

On December 19, SRP Federal Credit Union disclosed a breach that impacted over 240,000 members. The incident occurred between September 5 and November 4, exposing sensitive data including Social Security numbers, driver’s license numbers, dates of birth, and financial account information. A ransomware group named Nitrogen claimed responsibility, alleging the theft of 650 GB of customer data.

2. Ascension Health Data Breach

On December 20, Ascension, one of the largest U.S. hospital operators, reported a ransomware attack from May 2024 that had compromised the data of nearly 5.6 million individuals. The breach included patient records, lab test results, and insurance information.

3. Rhode Island Government Data Breach

On December 15, Rhode Island officials revealed a breach affecting hundreds of thousands of residents. The compromised data included Social Security numbers and financial details.

4. Krispy Kreme Cyberattack

On December 11, Krispy Kreme Inc. reported a breach discovered on November 29, significantly impacting its online ordering systems. The incident affected the company’s revenue and financial condition.

5. Automation Personnel Services Settlement

, Automation Personnel Services reached a $1.375 million settlement on December 24 following a class-action lawsuit stemming from a 2020 breach. The financial and reputational repercussions of the breach continued into 2024.

6. LoanDepot Breach

LoanDepot, a leading mortgage lender based in Irvine, California, experienced a data breach affecting approximately 16.9 million customers. The attack, attributed to the Alphv (Blackcat) ransomware group, compromised personal information including names, addresses, financial account numbers, phone numbers, and dates of birth. The breach caused operational disruptions lasting nearly two weeks.

Lest any complacency sink in about Australia avoiding the scourge of data breaches and being as poor at meeting that challenge as overseas cousins are the significant, reported, dated breaches in Australia for December alone were:

WACER & University of Sydney-Based Fresh Produce Safety Centre Australia & New Zealand – December 2024

Waverley Christian College – December 2024

Ainsworth Game Technology – December 2024

Thanks for the Help (TFTH) – December 2024

Nicholsons Solicitors – December 2024

Leave a Reply





Verified by MonsterInsights