The Great Data Heist: How the World’s Biggest Companies Are Getting Screwed
It’s 2024 and the data breaches just keep on coming. In fact, this year has seen some of the most devastating security incidents in recent history. And it’s not just small-time hackers trying to make a quick buck – these attacks are being carried out by some of the most sophisticated and well-resourced cybercriminals on the planet.
Let’s start with AT&T, who thinks they’re above the law. In July, they confirmed that cybercriminals had stolen a massive cache of data containing phone numbers and call records of "nearly all" of their customers – over 110 million people. And get this, it wasn’t even stolen directly from their systems, but from an account they had with data giant Snowflake. Nice try, AT&T.
But AT&T’s not the only one with egg on their face. Change Healthcare, a health insurance giant, was hit with a ransomware attack that stole the medical data of a "substantial proportion" of people in America. And we’re not talking about a few hundred thousand – we’re talking about tens of millions of records. The worst part? UnitedHealth Group, the parent company of Change Healthcare, paid the hackers to obtain a copy of the stolen data. What a sweet deal.
And then there’s Synnovis, a UK-based pathology lab that was hit with a ransomware attack that caused widespread outages at hospitals across London. The hackers stole data related to some 300 million patient interactions, dating back a "significant number" of years. And to make matters worse, the lab refused to pay the hackers’ $50 million ransom, leaving the U.K. government scrambling to cover up the mess.
But the real culprit behind all these breaches is Snowflake, the cloud data giant. According to incident response firm Mandiant, around 165 Snowflake customers had their data stolen, including tens of thousands of employee records from Neiman Marcus and Santander Bank. And get this – Snowflake doesn’t even require (or enforce) its customers to use the security feature that protects against intrusions that rely on stolen or reused passwords. So, in other words, Snowflake is basically asking to be hacked.
In conclusion, the data breaches of 2024 are a clear indication that our cybersecurity is in shambles. We need to take drastic measures to protect our personal data and hold these corporations accountable for their negligence. Anything less is unacceptable.
Author: Kayitsi.com
