From major banks to car dealerships, 2024 has unfortunately set a new record for data breaches. And yes, I mean that in the worst way possible. It’s hard to imagine there’s any American who hasn’t been affected by this wave of cyberattacks. Here are some companies that may have compromised your personal data:
National Public Data Breach: 2.9 Billion People Exposed
It’s hard to think of anything more alarming than a background-check company being hacked, especially when their core responsibility is to gather and secure sensitive nonpublic information.
A lawsuit now alleges that National Public Data’s negligence led to the exposure of 2.9 billion individuals’ personal details, including Social Security numbers, full names, and addresses.
The hacking group ASDoD has reportedly put the stolen database up for sale, demanding $3.5 million. There’s no word yet on whether a ransom payment has been made.
National Public Data gathers and stores personal information through a process known as scraping, pulling data from “nonpublic sources” to conduct background checks.
This means the company collects information that individuals likely never willingly or knowingly provided.
The outcome of the ongoing court case could have significant implications. If the lawsuit is successful, National Public Data may be required to purge the personal data of those affected and implement strict encryption measures for all future data collection.
Ascension Ransomware Attack: Impacting Up to 140 Hospitals
In May, a cyberattack began with a single, accidental malware download by an employee of one of the nation’s largest healthcare systems. What followed was a devastating chain reaction.
Ascension, which operates 140 hospitals across 19 states and Washington, D.C., first noticed unusual activity in their network on May 8.
The situation rapidly escalated, forcing Ascension to shut down emergency rooms and reroute patients, highlighting the severe impact of the attack on critical healthcare services.
Ascension Cybersecurity Breach: Ongoing Investigation on Affected Servers
In a recent cybersecurity breach, hackers managed to infiltrate seven of Ascension’s 25,000 servers.
The investigation is still underway to determine the full extent of the impact. Initially, Ascension reported that around 500 individuals were affected, but many experts believe that this number could rise significantly as more information comes to light.
CDK Global Cyberattack: 15,000 Car Dealerships Affected
In June, CDK Global, a major provider of software solutions to 15,000 car dealerships, experienced a significant cyberattack. The breach occurred on June 18th and 19th, forcing CDK to shut down its systems temporarily.
The company, which supports crucial operations like payroll and finance, is rumored to have paid a ransom in the tens of millions of dollars to regain control.
CDK Global Cyberattack: Dealership Operations and Sales Severely Impacted
The cyberattack on CDK Global had a significant ripple effect, severely disrupting operations and sales across many dealerships. A Lexus dealership in New Jersey reported a 50% drop in new car sales for June due to the shutdown.
Change Healthcare Cybersecurity Breach
Change Healthcare, a technology company owned by UnitedHealth, was also hit by a cyberattack.
This company plays a crucial role for thousands of pharmacies, hospitals, and healthcare facilities, handling payment processing and claims management.
Healthcare System Disrupted by Cyberattacks: UnitedHealth Pays $22 Million Ransom
In late February, a cyberattack caused widespread disruptions throughout the U.S. healthcare system, lasting for weeks. UnitedHealth responded by paying a staggering $22 million ransom to the Russian cybercriminal group BlackCat, who had stolen sensitive data.
However, the ordeal didn’t end there. Another group, RansomHub, claimed to have stolen data as well. By April, UnitedHealth revealed that a “substantial proportion” of Americans’ data was compromised.
Estimates suggest that nearly a third of all Americans were impacted, with exposed data including sensitive medical information like test results, diagnoses, and images.
AT&T Data Breach: 73 Million Customers Affected
In March, AT&T disclosed a significant data breach, revealing that hackers had stolen information from “nearly all” current and former customers.
The breach, which dates back to 2019, exposed highly personal details, including Social Security numbers. To prevent further exploitation, AT&T reportedly paid a $370,000 ransom to secure the deletion of the stolen data.
Other Notable Cybersecurity Breaches
- Advance Auto Parts (July): Over 2.3 million individuals had their personal information stolen.
- Roku (April): Hackers accessed around 591,000 accounts using “credential stuffing,” but no financial information was compromised.
- Truist Bank (June): The hacking group Sp1d3r stole and posted for sale information about 65,000 employees.
- Tile (June): Life360 reported a breach of their Tile tracker devices, exposing names, addresses, emails, phone numbers, and device IDs.
- Ticketmaster (June): A massive breach impacted 560 million customers, compromising names, addresses, phone numbers, emails, order histories, and partial payment information.
- Dropbox (May): Attackers accessed Dropbox Sign’s development environment, leading to compromised customer information.
- TeamViewer (July): Employee directory data, including names and encrypted passwords, was exposed.
Stay Protected
While you may not be able to prevent a major company from being hacked, there are steps you can take to protect yourself from the aftermath. Staying vigilant and securing your personal information is key.
Protecting Yourself from Health Care Scams
In the wake of recent cyberattacks, it’s crucial to double-check all communications related to your healthcare.
If you receive an Explanation of Benefits (EOB) or a bill for services you didn’t receive, reach out to your healthcare provider and insurance company immediately. This could indicate that someone is fraudulently using your health benefits.
Exercise Caution with Email Requests
Be cautious when dealing with email requests, especially those that seem overly urgent. It’s important to slow down and prioritize safety.
A good rule of thumb: if you receive an unusual request via text or email, take the time to make a phone call to verify its legitimacy.
Watch Out for Suspicious “Old Friends”
If an old friend suddenly reaches out after years of no contact, be on guard. This could be a hacker with some stolen information. Take the time to confirm their identity before engaging further.
Keep Track of Exposed Data
Make a list of any data that may have been exposed in a breach. Whether you keep it digitally or on a simple Post-it, be wary if someone references this information in an email or phone call.
For example, if your car financing company was hacked, be suspicious of any unexpected calls about issues with your loan.
Update Your PIN and Banking Credentials
Even if your banking information wasn’t directly involved in a breach, it’s wise to update your PIN and login credentials. Hackers can use other personal information to gain access.
Monitor your bank and credit card statements closely for any unusual activity, and set up alerts on your phone to stay informed.
Freeze Your Credit
Consider freezing your credit to prevent scammers from opening credit cards or loans in your name. Similar to setting up a fraud alert, you’ll need to contact each of the three major credit bureaus to complete this process.
Stay informed about the latest threats by reading our cybersecurity news and updates.