ITRC: More Than 1 Billion Individuals Affected by H1, 2024 Data Compromises
The first half of 2024 saw a significant increase in the number of victims of data breaches, according to a recently published H1 Data Breach Analysis by the Identity Theft Resource Center. In the first 6 months of the year, there were 1,571 publicly reported compromises, up 14% from H1, 2023, and more than 1 billion victims.
The size of some of the data breaches was astonishing. The two biggest attacks in terms of the number of affected individuals occurred at Ticketmaster Entertainment and Advance Auto Parts, with the former involving the personal data of 560 million individuals and the latter affecting 380 million individuals. A data breach at Dell Technologies affected 49 million individuals, a breach at LoanDepot affected 16.9 million individuals, and a healthcare data breach at Kaiser Foundation Health Plan rounded out the top 5 and affected 13.4 million individuals.
Two other healthcare data breaches made the top 10: the attack on the debt collection firm Financial Business and Consumer Solutions, Inc., which affected 3,435,640 individuals, and the attack on the prescription management company A&A Services (Sav-Rx), which affected 2,812,336 individuals. Healthcare compromises were down 37.4% from H1, 2023; however, the number of victims increased by 7.4%. The H1 data analysis does not include the massive data breach at Change Healthcare, as the company has yet to publicly confirm how many individuals have been affected, although the attack is believed to have affected up to 1 in 3 Americans (111 million individuals).
More than 1 billion people (1,007,470,089) were affected by the 1,571 compromises, which included 1,391 confirmed data breaches, 8 data exposures, and 172 unknown compromises. Financial services was the worst affected sector with 407 publicly reported compromises, followed by healthcare with 236, professional services with 178, manufacturing with 151, and education with 76. The most common attack vector was cyberattacks with 1,226 confirmed breaches and 1,062,007,337 confirmed victims. These include 212 phishing/smishing/BEC attacks, 108 confirmed ransomware attacks, 23 non-ransomware malware attacks, 16 credential stuffing attacks, and 10 zero-day attacks.
There were 155 breaches and 14,218,023 victims of system/human errors, the most common of which were misdirected emails and letters, with 52 confirmed incidents. The next main causes were misconfigured firewalls (9 incidents), cloud security failures (8 incidents), and lost devices/documents (7 incidents). 18 breaches/exposures were due to physical attacks such as stolen devices (57,815 victims), and 80 breaches were due to supply chain attacks (10,138,237 individuals). While only 46.6% of H1 compromises occurred in Q2, 2024, 97% of H1 victims of compromises had their data exposed in Q2.
As previously reported, there is a growing trend of withholding information about the causes of breaches from breach notices. In H1, 2024, 1,027 notices did not include information about the attack vector with only 544 notices including attack vector information. The failure to share information about the cause of the attack makes it harder for victims of the breach to accurately assess the level of risk they face and does not provide other businesses with information that they could use to help prevent similar attacks.
ITRC has drawn attention to the increased value of driver’s license information, which was stolen in 25% of data breaches and corresponds to a 23% increase in cases of identity misuse reported to the ITRC by victims in 2023. Since the pandemic, driver’s licenses have been increasingly used for identity verification, and that information is now stored by many companies, so when compromises occur, driver’s license information is now more likely to be compromised.



