Over 1 Billion People Impacted by Data Breaches in H1 of 2024

The H1 Data Breach Analysis recently published by the Identity Theft Resource Center (ITRC) revealed that the number of data breach victims increased significantly in the first half of 2024. The number of publicly reported breaches (1,571), with over 1 billion victims, is 14% higher than in the first half of 2023.

Some of the breaches were enormous. The two biggest cyberattacks by number of impacted individuals occurred at Ticketmaster Entertainment and Advance Auto Parts. The Ticketmaster Entertainment attack impacted the personal information of 560 million people, and the Advance Auto Parts attack impacted 380 million people. The next three were the Dell Technologies data breach, which impacted 49 million people; the LoanDepot data breach, which impacted 16.9 million people; and the healthcare data breach at Kaiser Foundation Health Plan, which impacted 13.4 million people.

Two more healthcare data breaches were included in the top 10. The breach at the debt collection company Financial Business and Consumer Solutions, Inc. impacted 3,435,640 people, while the breach at the prescription management firm A&A Services (Sav-Rx) impacted 2,812,336 people. Healthcare breaches dropped by 37.4% from the first half of 2023; nevertheless, the number of victims is greater by 7.4%. The analysis for the first half of 2024 doesn’t include the Change Healthcare data breach, since the company has not yet publicly reported the number of individuals impacted. The attack is thought to have impacted approximately 1 in 3 Americans, or 111 million people.

Over 1 billion individuals (1,007,470,089) were impacted by the 1,571 breaches, which comprised 1,391 verified data breaches, 8 data exposures, and 172 unidentified compromises. The worst impacted industry was financial services with 407 publicly reported breaches, followed by the healthcare sector with 236 breaches. The professional services sector had 178 breaches, the manufacturing sector had 151 breaches, and the education sector had 76 breaches. The most prevalent attack vector was cyberattacks, with 1,226 verified breaches and 1,062,007,337 victims. There were 212 phishing/BEC/smishing attacks, 16 credential stuffing attacks, 108 ransomware attacks, 23 non-ransomware malware attacks, and 10 zero-day attacks.

System or human errors accounted for 155 breaches with 14,218,023 victims, the most frequent of which were misdirected email messages and letters, with 52 verified incidents. 9 incidents were due to misconfigured firewalls, 8 incidents were due to cloud security failures, and 7 incidents were due to missing devices/documents. 18 breaches/exposures were a result of physical attacks, such as stolen devices, impacting 57,815 victims, and 80 breaches were caused by supply chain attacks impacting 10,138,237 individuals. Although only 46.6% of H1 breaches happened in the second quarter of 2024, 97% of H1 breach victims had their data exposed in the second quarter.

As previously reported, there is a growing tendency to omit details about the cause of a breach from breach notifications. In H1 of 2024, 1,027 notifications didn’t contain details about the attack vector. Just 544 notifications included attack vector data. Withholding the cause of the attack makes it more difficult for breach victims to properly gauge the degree of risk they face and deprives businesses of details they could use to help stop the same attacks.

The ITRC found that 25% of data breaches involved stolen driver’s license data, which matches a 23% growth in incidents of identity misuse reported to the ITRC in 2023. Since the pandemic, driver’s licenses have been increasingly used for identity confirmation, and that data is now kept by most firms, so when breaches happen, driver’s license data is very likely to be exposed. HIPAA covers individuals’ driver’s license numbers, which must therefore be protected.