In 2024, data breaches reached unprecedented levels, sparing no industry or organization size. From household-name corporations to specialized institutions, sensitive information was stolen, exploited, and weaponized, impacting billions globally. As we unravel the details of 2024’s most infamous cyber incidents, it becomes evident that no one is immune to the evolving tactics of cyber criminals.
The following cases offer a stark reminder of the vulnerabilities within our digital ecosystems—and why fortifying cybersecurity is not just an option but a necessity. Read on to discover how these breaches unfolded and the lessons they leave in their wake.
National Public Data.
In April 2024, National Public Data (NPD), a subsidiary of Jerico Pictures, suffered one of the year’s largest data breaches, exposing 2.9 billion records of 1.3 billion individuals. The compromised data, found circulating on dark web forums, included historical addresses, Social Security numbers, and nicknames. The breach led to multiple class-action lawsuits against Jerico Pictures, alleging that the company failed to implement adequate security measures to protect sensitive data. Jerico Pictures filed for Chapter 11 bankruptcy on October 2, 2024, citing the overwhelming financial impact of the incident.
Cencora Inc.
In February, Cencora Inc. (formerly AmerisourceBergen) suffered a data breach that exposed personally identifiable information (PII), including names, addresses, dates of birth, and Social Security numbers. The company paid a record $75 million ransom, marking the largest known cyber extortion payment. Experts warn that this payment highlights the growing risks for the healthcare sector, making it an even more attractive target for future attacks.
Cencora did not state how many individuals have been affected. Three HIPAA breach reports have previously been filed with the HHS Office for Civil Rights as a result of the Cencora cyberattack, two by AmerisourceBergen Specialty Group that affected 252,214 individuals and 3,102 individuals, and one by The Lash Group, which affected 15,196 individuals. Cencora believes the incident has been contained; however, remediation efforts and file review are ongoing.
AT&T.
In 2024, AT&T reported two major data breaches. The first, exposed call and text logs for up to 110 million customers, including those using Mobile Virtual Network Operators (MVNO) like Cricket and Boost Mobile. The compromised data included communication patterns, locations, and frequently contacted numbers, raising risks of phishing and privacy violations. AT&T has since secured the breach, notified affected customers, and launched an investigation. Based on AT&T’s preliminary analysis, the compromised data dates back to 2019 or earlier, affecting approximately 7.6 million current account holders and 65.4 million former account holders.
The second breach involved 73 million customer records, including personal details and encrypted passwords, found on a data brokerage. AT&T responded by resetting over 7 million passwords. Both breaches highlight significant security risks, with the combined data creating opportunities for identity theft and fraud.
Get Free Access to “Your Guide to Mitigating Human Cybersecurity Risks“
Common cybersecurity risks employees pose, practical guidance for leaders to minimize human vulnerabilities, technology’s role in strengthening defenses, and more!
LoanDepot.
In January 2024, LoanDepot, a California-based loan and mortgage company, suffered a ransomware attack by the ALPHV/BlackCat group, exposing the personal information of nearly 16.6 million customers, including sensitive data such as Social Security numbers and financial account details. The attack occurred between January 3rd and 5th, forcing LoanDepot to take systems offline until January 19th. Customers were notified of the breach on February 23rd, sparking concerns over the delayed disclosure. LoanDepot has reported that the costs associated with the ransomware incident have reached nearly $27 million, including expenses for investigation, remediation, customer notifications, identity protection, and legal settlements.
Ticketmaster.
In May 2024, Ticketmaster revealed a breach affecting up to 560 million individuals, with personal data such as names, contact details, order information, and partial payment card details stolen by the hacking group ShinyHunters. The 1.3 terabyte dataset was reportedly put up for sale on the dark web, prompting Live Nation Entertainment to notify impacted users and highlight varying levels of compromised information.
United Healthcare.
In February 2024, United Healthcare experienced a significant cyberattack on its Change Healthcare payment processing system, potentially compromising the sensitive data of up to 100 million individuals. The attack, attributed to the ALPHV/BlackCat ransomware group, exposed personal health information (PHI), including medical histories, billing data, and financial accounts, leading to widespread disruptions in healthcare services and raising concerns about identity theft. Despite paying a $22 million ransom, the attackers reportedly failed to honor the agreement, resulting in the leak of a substantial amount of data.
Patelco Credit Union.
On June 29, 2024, Patelco Credit Union discovered a security breach after an unauthorized party accessed its network on May 23, 2024. Patelco Credit Union reported that the personal information of over 1 million individuals was stolen, including Social Security numbers, driver’s license numbers, dates of birth, and email addresses. They publicly disclosed the breach on August 20, 2024, and began notifying affected individuals, offering two years of free credit monitoring and identity protection services to the affected individuals. They confirmed that the RansomHub group was behind the attack
The Walt Disney Company.
Hacktivist group “NullBulge” claims to have leaked 1.1 TB of Disney’s internal Slack data, allegedly obtained with insider help. Among the trove of data were unreleased projects, code, login credentials, and employee conversations NullBulge, known for opposing cryptocurrency and AI-generated art, says the hack aligns with its philosophy of targeting entities it views as unethical. Disney has since moved away from using Slack for internal communication.
Dell.
In 2024, Dell experienced two major data breaches, one in May and another in September. The May breach exposed 49 million customer records, including addresses and purchase histories, while the September breach affected 10,000 employees, compromising personal information like phone numbers, Social Security numbers, and employee IDs. Experts believe both attacks were likely caused by phishing and vulnerabilities in Atlassian systems.
Looking Forward to 2025.
It’s never been more important for businesses of all sizes to strengthen their cybersecurity posture. While high-profile attacks on major corporations and government systems capture headlines, the reality is that small and medium-sized businesses (SMBs) are equally, if not more, vulnerable to cyber threats. With limited resources, SMBs often suffer from greater financial and operational damage. Fostering a culture of digital awareness and providing employees with the knowledge they need to minimize their risk can drastically reduce the chances of your company experiencing a costly cybersecurity incident.
Take Control of Digital Footprint Risks.
Know your exposure, take action against it, and minimize the impact that digital footprint risks can have on your business.