{"id":100283,"date":"2024-12-28T12:54:34","date_gmt":"2024-12-28T04:54:34","guid":{"rendered":"https:\/\/version-2.com\/?p=100283"},"modified":"2024-12-18T13:01:06","modified_gmt":"2024-12-18T05:01:06","slug":"biggest-data-breaches-of-2024","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2024\/12\/biggest-data-breaches-of-2024\/","title":{"rendered":"Biggest data breaches of 2024"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"100283\" class=\"elementor elementor-100283\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png\" width=\"1000\" height=\"571\" \/><\/p><div class=\"Grid_container__uXi5k\" style=\"--row-spacing-lg: var(--grid-spacing-0); --row-spacing-md: var(--grid-spacing-0); --row-spacing-sm: var(--grid-spacing-0);\"><div class=\"Grid_item__8Wd1v Grid_col9Lg__IiDDJ BlogArticle_contentGrid__wDyG9\"><div class=\"BlogArticle_articleSummary__vUkIt\"><div class=\"ArticleSummary_markdownWrapper__admhj\"><p class=\"Text_text__rSWMU Markdown_paragraph__WNGcF ArticleSummary_paragraph__AmdWA Text_bodyColor__a5sZX\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl ArticleSummary_strong__PSecf\">Summary:<\/strong> Data breaches in 2024 soared, with record-high costs and over 1 billion records exposed. Learn what caused it.<\/p><\/div><\/div><div id=\"section-1\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The modern economy runs on data. Businesses thrive based on how they collect, analyze, and use customer data. But none of that matters if you drop the ball on <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/other\/what-is-cyber-security\/\">cybersecurity<\/a>.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Data breaches are a hot topic with C-Suite leaders, IT journalists, and customers. That&#8217;s no surprise. 2023 was bad, but <strong class=\"Markdown_strong__zgufl\">2024 has been one of the worst years<\/strong> yet on the cybersecurity front.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">An average data breach now <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.ibm.com\/reports\/data-breach\" target=\"_blank\" rel=\"noopener\">costs $4.9 million<\/a>. Ransomware costs an average of $5.2 million, and thieves have stolen over 1 billion records.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Even so, we&#8217;re not here to spread panic. As this list of 2024&#8217;s biggest data breaches shows, every breach has a cause and a solution. Good security practices will defeat most attackers, and it helps to learn where others have failed. But first, let&#8217;s talk about statistics.<\/p><h2 id=\"key-facts-about-2024s-data-breaches\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">Key facts about 2024\u2019s data breaches<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">2024 has been another banner year for data breaches, with cybercriminals accelerating their efforts to steal and monetize confidential information. The stats below show that data theft is commonplace, and organizations face a challenging data security environment:<\/p><ul class=\"SharedArticleMarkdownComponents_list__wACy0 SharedArticleMarkdownComponents_horizontalSpacing__3J8kD List_list__ue2mH\"><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>National Public Data (NPD) will probably be 2024&#8217;s biggest data breach. The mammoth breach potentially impacts 2.9 billion records, close to <strong class=\"Markdown_strong__zgufl\">the most significant data leak ever<\/strong>.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"http:\/\/www.hipaajournal.com\/change-healthcare-responding-to-cyberattack\/\" target=\"_blank\" rel=\"noopener\">Change Healthcare<\/a> suffered the largest health-related data breach of the year, affecting over 100 million customer records. This could make it the largest healthcare breach in history.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>The average cost of a data breach reached $4.88 million in 2024.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>The cost of a data breach in cloud environments was even higher, averaging $5.17 million.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>40% of breaches involved data stored across multiple environments.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>68% of 2024 data breaches involved <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\" target=\"_blank\" rel=\"noopener\">human errors<\/a>, such as falling for phishing scams.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>14% of attacks involved security exploits, three times the 2023 total.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>On average, organizations took 194 days to identify data breaches.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>The average attack took 64 days to contain.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>Meta (Ireland) was fined 91 million euros for exposing customer data, the largest GDPR penalty in 2024.<\/div><\/li><\/ul><\/div><div id=\"section-2\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Type_of_data_compromised_by_percentage_11007f461d.png\" width=\"1400\" height=\"1039\" \/><\/div><div>\u00a0<\/div><\/div><div id=\"section-3\"><h2 id=\"the-biggest-data-breaches-of-2024\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">The biggest data breaches of 2024<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">A devastating data breach is a nightmare for customers and affected organizations. But breaches can have a positive side. Each incident is a learning opportunity. It&#8217;s easier to defend critical data when we understand the mistakes made by others and the tactics used by attackers.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">With that in mind, let&#8217;s explore 2024&#8217;s biggest data breaches. New breaches hit the news weekly, but we will discuss these cases for years.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">1. National Public Data (1.3 billion individuals)<\/h3><\/div><div id=\"section-4\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/National_Public_Data_d8259e4531.png\" width=\"1400\" height=\"1036\" \/><\/div><\/div><div id=\"section-5\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">This one could be 2024&#8217;s biggest data breach. Before this year, few people knew National Public Data, a subsidiary of Jerico Pictures, Inc., but <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/eu.usatoday.com\/story\/tech\/2024\/08\/17\/social-security-hack-national-public-data-confirms\/74843810007\/\" target=\"_blank\" rel=\"noopener\">the company<\/a> is now notorious for data security failures.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In April, data broker USDoD listed a cache of NPD 2.9 billion records for sale on the Dark Web. According to <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/news.bloomberglaw.com\/privacy-and-data-security\/background-check-data-of-3-billion-stolen-in-breach-suit-says\" target=\"_blank\" rel=\"noopener\">Jerico<\/a>, the exposed data is related to 1.3 billion individuals. With a sale value of $3.5 million, it&#8217;s easy to see why criminals targeted the data handling company.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Filings with the Maine Attorney General suggested a massive regulatory penalty was on the cards. To make matters worse, NPD users filed a civil action in August, alleging the breach was foreseeable and avoidable.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Before either case could proceed, Jerico Pictures filed for bankruptcy in October. The company lost customer trust and folded as a direct result of the NPD breach. While USDoD has been arrested, the data thieves remain at large.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved<\/strong>? Almost everything. The 2.9 billion records included personally identifiable information (PII), historical addresses, social security numbers, and nicknames used by record holders.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> The details are unclear. As far as we know, the data breach started in December 2023. A bad actor nicknamed SXUL targeted NPD servers using unknown techniques. The data started to circulate on dark web forums, ending up with USDoD in April.<\/p><p data-testid=\"text\">\u00a0<\/p><\/div><div id=\"section-6\"><div class=\"BlogArticle_relatedArticles__N8UHK\"><div class=\"RelatedArticles_articlesContainer__ZSn2r\"><div class=\"RelatedArticlesCard_root__SK53_\"><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/AT_and_T_edf75224f5.png\" width=\"1400\" height=\"1036\" \/><\/p><div class=\"RelatedArticlesCard_content__QDAXW\"><div class=\"RelatedArticlesCard_titleBox__qraLH\">\u00a0<\/div><div class=\"ArticleMetadata_root__lkO5H ArticleMetadata_variantSmall___9ZcM\"><div class=\"ArticleMetadata_metadata__kBNOr ArticleMetadata_withBullets__kFhOa\">\u00a0<\/div><\/div><\/div><\/div><\/div><\/div><\/div><div id=\"section-7\"><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">2. AT&amp;T (2 breaches, over 110 million individuals)<\/h3><\/div><div id=\"section-8\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/AT_and_T_edf75224f5.png\" width=\"1400\" height=\"1036\" \/><\/div><div>\u00a0<\/div><\/div><div id=\"section-9\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">AT&amp;T is so big that a data breach there affects almost everyone. Unfortunately, <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.nytimes.com\/wirecutter\/reviews\/how-to-protect-yourself-att-breach\/\" target=\"_blank\" rel=\"noopener\">the telecommunications giant<\/a> reported two significant data breaches in 2024.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The first was a historical hack dating back to 2022. During a six-month window, hackers extracted call and messaging data for 110 million customers. In this case, AT&amp;T was partly at fault. The compromised data resided on servers maintained by hosting company Snowflake (itself listed later in a separate breach).<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The other security incident emerged when 73 million customer records appeared on a data brokerage. Alongside identifiable information, the cache contained encrypted passwords to access AT&amp;T accounts. Panicked by the disclosure, AT&amp;T issued a rare force reset of over 7 million passwords.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The Snowflake breach involved call and message metadata, not voice or text data. Even so, attackers could use metadata to determine user locations. The cache also included details of those contacted by AT&amp;T customers, another useful identifier.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The second breach included sensitive personal information like full names, postal addresses, and phone numbers. It also featured the encrypted passwords we noted earlier. Combining the two sets could be very powerful in the hands of bad actors.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> In the first case, thieves targeted Snowflake&#8217;s cloud storage infrastructure. Snowflake suggested that weak authentication processes caused the leak and that the UNC5537 hacking group was responsible.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The second AT&amp;T data breach in 2024 is less clear. AT&amp;T have not released information about the attackers or their mitigation processes. It looks like the password reset only happened after freelance security experts notified the <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/techcrunch.com\/2024\/04\/10\/att-notifies-regulators-after-customer-data-breach\/\" target=\"_blank\" rel=\"noopener\">TechCrunch website<\/a>. Not a good look for AT&amp;T&#8217;s internal team.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">3. Patelco Credit Union (726,000 individuals)<\/h3><\/div><div id=\"section-10\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Patelco_068227b93a.png\" width=\"1400\" height=\"991\" \/><\/div><\/div><div id=\"section-11\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Patelco is a Bay Area credit union that dates back to 1936 and manages over $9 billion in assets. That history almost ended in June 2024 when the <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.securityweek.com\/patelco-credit-union-data-breach-impacts-over-1-million-people\/\" target=\"_blank\" rel=\"noopener\">company detected<\/a> a significant ransomware attack.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The details of the massive data breach are sobering. The company&#8217;s initial fraud alert indicates a loss of 726,000 individual records and possible exposure of over 1 million records.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The Patelco breach involves data about customers and current and former employees. Stolen data includes names, addresses, dates of birth, license numbers, and social security numbers. Credit reports and financial accounts were all put at risk.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> According to Patelco, attackers entered the network on May 23 before accessing customer and employee databases on June 29. A ransomware attack then took down the credit union&#8217;s online banking, mobile app, and customer service centers, making it hard to resist their demands.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Two months later, the company notified regulators and customers. It also restored banking services after a damaging two-week break and provided support for customers needing an urgent credit report.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The perpetrators are unclear. However, the Dark Web ransomware gang RansomHub lists Patelco on their data brokerage and may have been responsible.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">4. Community Clinic of Maui (123,000 individuals)<\/h3><\/div><div id=\"section-12\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Community_Clinic_of_Maui_e96469ca43.png\" width=\"1400\" height=\"976\" \/><\/div><\/div><div id=\"section-13\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Attacks against healthcare organizations become more sophisticated yearly as hackers target sensitive personal information. This year, one of the worst attacks affected <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/securityaffairs.com\/169125\/data-breach\/community-clinic-of-maui-lockbit-ransomware.html\" target=\"_blank\" rel=\"noopener\">the Community Clinic of Maui<\/a> (or M\u0101lama).<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">According to the Clinic, threat actors accessed patient records between May 4 and May 7 this year. The ransomware attack took systems offline and directly impacted patient care.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The Clinic closed for two weeks, and nurses had to use paper charts for weeks after reopening. It took months to secure digital data and restore usual service.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> Regulatory filings suggest criminals stole social security number data, passport numbers, and names. Even worse, the attack exposed medical histories, biometric data, and financial account data (including CVVs).<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> Analysis indicates a group called <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-165a\" target=\"_blank\" rel=\"noopener\">LockBit<\/a> mounted the attack, as the group announced responsibility in June. Attackers breached cloud storage systems, using ransomware-as-a-service agents to extract valuable data.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">5. Infosys (8.5 million records)<\/h3><\/div><div id=\"section-14\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Infosys_Mc_Cammish_Systems_01bb5026f8.png\" width=\"1400\" height=\"966\" \/><\/div><\/div><div id=\"section-15\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Outsourcing company <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/economictimes.indiatimes.com\/tech\/information-tech\/infosys-mccamish-facing-fourth-class-action-suit-over-2023-data-breach\/articleshow\/112032159.cms?from=mdr\" target=\"_blank\" rel=\"noopener\">Infosys McCammish Systems<\/a> announced a major breach on September 6, 2024, potentially affecting 6.5 million records.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">According to filings, the attack dated back to late 2023, with attackers active between October and November. There was a <em>long<\/em> delay between data extraction and discovery.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The effects could be significant, as Infosys serves many massive financial and insurance partners. For instance, the breach exposed thousands of records from Wells Fargo and the Teachers Insurance and Annuity Association of America (TIAA).<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The Infosys breach involved insurance data, creating a critical identity theft risk. Data exposed included SSNs, birth dates, medical treatments, email passwords, state IDs, and driver&#8217;s license numbers.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> LockBit took responsibility for the Infosys attack. The Russia-linked group implanted ransomware across the Infosys network, locking over 2,000 devices.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">6. UnitedHealth (100 million individuals)<\/h3><\/div><div id=\"section-16\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/United_Health_b382f63e51.png\" width=\"1400\" height=\"1001\" \/><\/div><\/div><div id=\"section-17\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Cyberattackers continue to ruthlessly target healthcare companies, including some of America&#8217;s biggest operators. In February 2024, TechCrunch reported a breach at <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/techcrunch.com\/2024\/10\/24\/unitedhealth-change-healthcare-hacked-millions-health-records-ransomware\/\" target=\"_blank\" rel=\"noopener\">UnitedHealth<\/a> that could impact 100 million customers.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Health and Human Services (HHS) received a filing in October 2024, and investigations continue. If the numbers are accurate, UnitedHealth could be <strong class=\"Markdown_strong__zgufl\">the largest sensitive data breach<\/strong> in US history.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The attack targeted UH&#8217;s Change Healthcare payment processing system, deploying ransomware to take systems offline. The results have been crippling for providers reliant on UnitedHealth. Patients have experienced treatment and payment delays, not to mention the risks of identity theft.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The attack exposed extremely sensitive <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/protected-health-information\/\">protected health information (PHI)<\/a>. Records included medical histories, billing data, names and addresses, and financial accounts.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> A ransomware collective called ALPHV\/BlackCat executed the UnitedHealth attack. The group gained access to Change Healthcare systems, deployed ransomware, and extracted a $22 million bounty. Sadly, they failed to honor the agreement, taking a vast data hoard.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">7. Young Consulting (950,000 individuals)<\/h3><\/div><div id=\"section-18\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Young_Consulting_2e3dfcb143.png\" width=\"1400\" height=\"921\" \/><\/div><\/div><div id=\"section-19\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In August, news emerged of another enormous data breach. This time in the financial software sector. Software vendor <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/cybernews.com\/security\/million-affected-by-young-consulting-breach-by-blacksuit-ransomware\/\" target=\"_blank\" rel=\"noopener\">Young Consulting<\/a> admitted an attack in early 2024 had compromised almost a million records.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Between April 10 and 13, attackers freely explored the company&#8217;s network. They took full advantage, extracting data relating to a Young Consulting client, Blue Shield Insurance.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">This was a major headache as Blue Shield is a <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/covered-entity\/\">HIPAA-covered entity<\/a>. The threat actors subsequently sought to extort money from Young Consulting. Their extortion failed, and criminals made the data available via the Dark Web.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The attack involved insurance information, including dates of birth, policy numbers, SSNs, and protected medical information like prescriptions and past procedures.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> This is the crucial question. We know the attack was mounted by a ransomware group called BlackSuit. BlackSuit specializes in extortion attacks that access and encrypt data. The group posts this data on public websites until target organizations pay up.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">8. Ticketmaster (40 million individuals)<\/h3><\/div><div id=\"section-20\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Ticketmaster_e9e5a2d7e0.png\" width=\"1400\" height=\"919\" \/><\/div><\/div><div id=\"section-21\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In May 2024, data loss affected one of the world&#8217;s biggest entertainment companies. <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.bbc.com\/news\/articles\/c729e3qr48qo\" target=\"_blank\" rel=\"noopener\">Ticketmaster<\/a> admitted that thieves had extracted data relating to 40 million customers, making it one of <strong class=\"Markdown_strong__zgufl\">the largest breaches in the entertainment sector<\/strong>.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The 1.3TB data haul included identifiable information and earned the attackers around $500,000 within weeks, which is not bad for a few days&#8217; work.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> Attackers stole personal data, including customer names and addresses, payment data, and purchase histories. This unique information is a big deal as it can be used in identity theft and targeted phishing attacks.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> Cyberattackers from the ShinyHunters group accessed the Ticketmaster network via a vulnerability in the customer service portal. They then searched for customer data and extracted everything they needed.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The initial vulnerability involved Snowflake&#8217;s hosting infrastructure. Attackers hijacked a cloud hosting account, gained access, and used hosting privileges to access a client database. This should concern any organization reliant on cloud hosting.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">9. Evolve Bank (7.6 million individuals)<\/h3><\/div><div id=\"section-22\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Evolve_Bank_6a3c792bb3.png\" width=\"1400\" height=\"956\" \/><\/div><\/div><div id=\"section-23\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Finance is coming under intense pressure from cyberattackers, as the May 2024 <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.securityweek.com\/evolve-bank-data-breach-impacts-7-6-million-people\/\" target=\"_blank\" rel=\"noopener\">Evolve Bank<\/a> attack shows. The banking-as-a-service provider reported the security incident in July, describing a classic ransomware scenario.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Attackers accessed the bank&#8217;s network, extracted data, and threatened to sell it. When Evolve refused to pay, the cybercriminals followed through, exposing millions of accounts.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">According to the bank, attackers did not directly access customer funds (a common feature of 2024 ransomware attacks). Experts attributed responsibility to LockBit, who has had a busy and productive year.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> LockBit always seeks certain data types above others. In the Evolve attack, exposed data included social security numbers, details of financial accounts, and postal addresses.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> LockBit tends to launch attacks via ransomware-as-a-service kits. The attack method for Evolve is not known. In the past, LockBit has paid insiders to allow access, exploited VPN vulnerabilities, and compromised cloud infrastructure.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">10. Dell (49 million customers and 10,000 employees)<\/h3><\/div><div id=\"section-24\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Dell_7c0ff01000.png\" width=\"1400\" height=\"1026\" \/><\/div><\/div><div id=\"section-25\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Data breaches affect small startups and veteran companies alike. Few tech companies are as experienced as Dell. Nonetheless, the hardware giant fell victim to two catastrophic breaches in 2024.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In May, <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/05\/10\/dell-confirms-database-hacked-hacker-says-49-million-customers-hit\/\" target=\"_blank\" rel=\"noopener\">Dell admitted<\/a> losing 49 million customer records between 2017 and 2024. According to the company, the attack did not include personal or financial data but did compromise personal addresses and purchase histories.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In September, a <em>second<\/em> incident emerged. This time, hackers extracted 3.5GB of confidential employee data.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">This attack only affected 10,000 people, but the small number of victims is deceptive. Information about employees is invaluable for phishers seeking to compromise corporate assets. And the data extracted is exactly what they need.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The first incident exposed previous purchases, home addresses, and customer names. Dell says that the attack did not involve financial data and SSNs.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The second attack included employees&#8217; phone numbers and social security numbers, employee IDs, and their status. It also included data about partners, not just Dell workers.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> Details are unclear. Most probably, threat actors posed as IT support, tricking staff into sharing VPN credentials. We know the incidents were <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.csoonline.com\/article\/3536783\/hacker-selling-dell-employees-data-after-a-second-alleged-data-breach.html\" target=\"_blank\" rel=\"noopener\">revealed by a hacker<\/a> named &#8220;grep,&#8221; who claimed to be selling personal data. Experts believe attackers gained access via Atlassian vulnerabilities.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">11. Tile (66 million individuals)<\/h3><\/div><div id=\"section-26\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Tile_670e693281.png\" width=\"1400\" height=\"954\" \/><\/div><\/div><div id=\"section-27\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Tile is a device tracking service that <em>should<\/em> improve user security. However, in June, the parent company Life360 admitted to a massive data breach involving Tile&#8217;s customer support platform.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Attackers followed the ransomware playbook, <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/life360-says-hacker-tried-to-extort-them-after-tile-data-breach\/\" target=\"_blank\" rel=\"noopener\">demanding a ransom from Life360<\/a>. Life360 has not disclosed whether it paid.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> The good news is the breach did not include user location data. Unfortunately, hackers extracted customer names, home addresses, email addresses, and phone numbers.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> Hackers used a previous employee&#8217;s credentials to access a Tile feature designed for law enforcement officers. This provided access to Life360&#8217;s data storage systems, potentially allowing attackers to extract personal information about every Tile user.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">It appears that Tile lacked effective multi-factor authentication systems. The company may have failed to remove inactive accounts with administrative privileges, leaving the door wide open.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading3___q75_ SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">12. Snowflake (Unknown)<\/h3><\/div><div id=\"section-28\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/content.nordlayer.com\/uploads\/Snowflake_e38a97c9ea.png\" width=\"1400\" height=\"919\" \/><\/div><\/div><div id=\"section-29\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">We&#8217;ve left Snowflake for last as it is like the &#8220;mother of all data breaches&#8221; in 2024. <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.darkreading.com\/threat-intelligence\/snowflake-account-attacks-driven-by-exposed-legitimate-credentials\" target=\"_blank\" rel=\"noopener\">Snowflake<\/a> is a major cloud data hosting company specializing in data processing and analysis. It has grown rapidly in the era of Big Data and AI. However, growth and cybersecurity may not be in sync.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">As we&#8217;ve already seen, Snowflake was involved in some of 2024&#8217;s biggest corporate data breaches, including attacks on AT&amp;T and Ticketmaster. In each case, a hacker known as UNC5537 claimed responsibility.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">UNC5537&#8217;s task was shockingly simple. All it took to steal data from some of the world&#8217;s biggest companies was a few stolen credentials. What&#8217;s more, the stolen credentials weren&#8217;t fresh. Some had been on sale illegally for years.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">What data types were involved?<\/strong> Everything. The attack extended to Ticketmaster, AT&amp;T, Santander, AllState, Mitsubishi, and Anheuser-Busch.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl\">How did it happen?<\/strong> Attackers accessed unencrypted user credentials on a Jira instance by exploiting an unsecured device. After that, they used the credentials to access Snowflake&#8217;s cloud environment. None of the stolen accounts had MFA enabled, making access simple.<\/p><h2 id=\"looking-ahead-what-might-2025-bring\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">Looking ahead: what might 2025 bring?<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In 2024, we dealt with many <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/blog\/most-common-types-of-cyber-attacks\/\">types of cyber attacks<\/a>. In 2025, we will most likely see more ransomware attacks, but against a new set of targets.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">As the Snowflake attacks show, cloud deployments are a primary target. SaaS vendors need to strengthen their defenses and master access controls. That&#8217;s particularly important as AI becomes integrated into cloud operations.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">The Snowflake attack exploited reliance on third-party data analysis resources. Many companies also rely on external partners to leverage LLMs and integrate with operational systems. These partners could easily become victims in 2025.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Whatever <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/blog\/cybersecurity-trends\/\">cybersecurity trends 2025<\/a> brings, now is a good time to improve your cybersecurity posture. NordLayer can help you avoid <strong class=\"Markdown_strong__zgufl\">data breaches i<\/strong>n the New Year and beyond.\u00a0<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/business-vpn\/\">Our Business VPN<\/a> and <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/identity-access-management\/\">access management tools<\/a> shield data, secure remote connections, and filter access requests. With our security solutions in your corner, such as traffic <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/blog\/how-to-encrypt-internet-connection\/\">encryption<\/a> and multi-factor authentication (MFA), you can avoid Snowflake-style vulnerabilities and ruin the chances of opportunist data thieves.<\/p><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cf03edf elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cf03edf\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b576c6d\" data-id=\"b576c6d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9e34e91 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"9e34e91\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-bb2c932\" data-id=\"bb2c932\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bfd91ca elementor-widget elementor-widget-shortcode\" data-id=\"bfd91ca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63561\" class=\"elementor elementor-63561\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1b6aa2c4 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"1b6aa2c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1b283ee5\" data-id=\"1b283ee5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4e466f1a elementor-widget elementor-widget-text-editor\" data-id=\"4e466f1a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordLayer<br \/><\/strong>NordLayer is an adaptive network access security solution for modern businesses \u2013 from the world\u2019s most trusted cybersecurity brand, Nord Security.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Summary: Data breaches in 2024 soared, with record-high [&hellip;]<\/p>","protected":false},"author":149011790,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":true},"categories":[1273,973,1130,61],"tags":[1272,974,1132],"class_list":["post-100283","post","type-post","status-publish","format-standard","hentry","category-1273","category-nord-security","category-nordlayer","category-press-release","tag-1272","tag-nord-security","tag-nordlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Biggest data breaches of 2024 - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Biggest data breaches of 2024 - Version 2\" \/>\n<meta property=\"og:description\" content=\"Summary: Data breaches in 2024 soared, with record-high [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-28T04:54:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"17 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/12\\\/biggest-data-breaches-of-2024\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Biggest data breaches of 2024\",\"datePublished\":\"2024-12-28T04:54:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/12\\\/biggest-data-breaches-of-2024\\\/\"},\"wordCount\":2789,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png\",\"keywords\":[\"2024\",\"Nord Security\",\"NordLayer\"],\"articleSection\":[\"2024\",\"Nord Security\",\"NordLayer\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/12\\\/biggest-data-breaches-of-2024\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/\",\"name\":\"Biggest data breaches of 2024 - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png\",\"datePublished\":\"2024-12-28T04:54:34+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#primaryimage\",\"url\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png\",\"contentUrl\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/ransomware-attacks-2024\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Biggest data breaches of 2024\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Biggest data breaches of 2024 - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/","og_locale":"en_US","og_type":"article","og_title":"Biggest data breaches of 2024 - Version 2","og_description":"Summary: Data breaches in 2024 soared, with record-high [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/","og_site_name":"Version 2","article_published_time":"2024-12-28T04:54:34+00:00","og_image":[{"url":"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"Written by":"tracylamv2","Est. reading time":"17 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/12\/biggest-data-breaches-of-2024\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Biggest data breaches of 2024","datePublished":"2024-12-28T04:54:34+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/12\/biggest-data-breaches-of-2024\/"},"wordCount":2789,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png","keywords":["2024","Nord Security","NordLayer"],"articleSection":["2024","Nord Security","NordLayer","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/12\/biggest-data-breaches-of-2024\/","url":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/","name":"Biggest data breaches of 2024 - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#primaryimage"},"thumbnailUrl":"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png","datePublished":"2024-12-28T04:54:34+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#primaryimage","url":"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png","contentUrl":"https:\/\/content.nordlayer.com\/uploads\/large_Biggest_data_breaches_of_2024_web_cover_716fa8d468.png"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/ransomware-attacks-2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/zh\/"},{"@type":"ListItem","position":2,"name":"Biggest data breaches of 2024"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/en\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-q5t","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/100283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=100283"}],"version-history":[{"count":7,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/100283\/revisions"}],"predecessor-version":[{"id":100290,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/100283\/revisions\/100290"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=100283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=100283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=100283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}