The Great Data Heist: How Hackers Are Ripping Off Your Privacy
As we approach the midpoint of 2024, it’s become painfully clear that the world is in the midst of a data breach epidemic. The past few months have seen some of the most devastating hacks in recent history, with billions of records stolen and countless individuals left vulnerable to identity theft and financial ruin.
AT&T’s Catastrophic Breach
In March, AT&T’s customer data was dumped online, exposing the personal information of 73 million customers. But it wasn’t until a security researcher discovered that the encrypted passcodes used to access customer accounts could be easily unscrambled that the telecom giant took action. The researcher’s findings prompted AT&T to force-reset its customers’ account passcodes, but the company still can’t explain how the data was leaked or where it came from.
Change Healthcare’s Massive Data Heist
In February, health tech giant Change Healthcare was hacked by a prolific ransomware gang, resulting in the theft of sensitive health data on a "substantial proportion" of people in the United States. The company paid the hackers to obtain a copy of the stolen data, which includes personal, medical, and billing information on hundreds of millions of individuals. UnitedHealth Group, Change Healthcare’s parent company, has yet to attach a number to the number of individuals affected, but CEO Andrew Witty told lawmakers that the breach may affect around one-third of Americans.
Synnovis’s Widespread Outages
In June, a Russia-based ransomware gang hacked U.K. pathology lab Synnovis, causing widespread disruption to patient services across London. The lab’s data was stolen, including records on 300 million patient interactions dating back a "significant number" of years. The hackers demanded a $50 million ransom, which Synnovis refused to pay, leaving the U.K. government scrambling for a plan to prevent the data from being posted online.
Ticketmaster’s Alleged 560 Million Records Stolen
In a series of data thefts from cloud data giant Snowflake, hundreds of millions of customer records were stolen from some of the world’s biggest companies, including an alleged 560 million records from Ticketmaster. The hackers used stolen credentials of data engineers with access to their employer’s Snowflake environments to gain access to the data. Snowflake does not require its customers to use the security feature that protects against intrusions that rely on stolen or reused passwords.
These breaches are just the tip of the iceberg, and it’s only a matter of time before more companies fall victim to these sophisticated hackers. The question is, how many more records will be stolen before something is done to stop these cybercriminals?
Author: Kayitsi.com
