December 2024 - A Look Back at 2024
As 2024 comes to a close, so too comes a time of reflection.
In the cybersecurity space, there has been plenty to look back upon over the past 12 months. From data breaches that affected billions of people, to outages that brought countless services to a halt, 2024 had no shortage of events that made headlines.
While some of these matters have been resolved, others may continue to affect individuals for years to come. Security professionals would be wise to apply the lessons learned from these events and take the proper precautions to reduce the risk of recurrence and to detect such incidents faster.
Here are some of the most important cybersecurity stories from 2024.
National Public Data Breach Affects Billions
One of the largest data breaches in history took place in August, when it was discovered that 2.7 billion data records had been stolen from the background-checking company, National Public Data.
The data records were discovered on a dark web forum, and contained large amounts of sensitive information, including Social Security numbers.
The breach began in December 2023, when unknown parties attempted to breach NPD’s systems. They were not successful until April 2024, when the theft took place.
Given the sheer volume of sensitive information exposed, it’s possible that countless individuals may be at risk of identity fraud in the years to come.
CrowdStrike Outage Causes Disruptions
A month earlier, roughly 8.5 million Windows devices were disabled around the world after CrowdStrike distributed a faulty update to its Falcon sensor security software.
The defective update caused those systems to crash, with no ability to restart them. Organizations using these systems, across a wide variety of industries including retail, government and healthcare, were met with the blue screen of death.
The CrowdStrike outage has been called one of the largest IT outages in history, including by cybersecurity consultant Troy Hunt.
The issue was discovered and fixed within hours, but the damage had already been done. CrowdStrike could be held liable under the European Union’s General Data Protection Regulation.
When all was said and done, estimates of the worldwide financial damage from the outage reached $10 billion.
Ransomware Group Behind Massive Healthcare Breach
The ransomware group ALPHV, also known as BlackCat, was found to be behind a ransomware attack against Change Healthcare. The breach took place in February, but was not made public until October.
ALPHV managed to obtain the private health information of more than 100 million people. The breach is the largest healthcare-related incident to be reported to U.S. federal regulators.
Change Healthcare’s parent company, UnitedHealth Group, confirmed that a $22 million Bitcoin payment had been made to release the stolen data, adding another layer to the conversation around whether ransomware payments should be made.
As has been seen with other cyber incidents, there were financial damages stemming from the breach. In its 2024 third quarter earnings report, UnitedHealth Group estimated the breach led to a business disruption of $705 million.
Telecommunications Attack Called Worst in “Nation’s History”
The China-based threat group Salt Typhoon managed to compromise several American telecommunication companies, including Verizon and AT&T.
By doing so, Salt Typhoon managed to steal customer call records, law enforcement request data, and the private communications of government officials. The group used this data to target President Donald Trump, Vice President-Elect JD Vance and associates of Vice President Kamala Harris.
Senator Mark Warner called the incident the “worst telecom hack in our nation’s history,” and lawmakers on Capitol Hill continue to work to assess the fallout of the cyberattack.
Lawmakers and federal agencies are taking action to try to prevent further harm. Senator Ron Wyden introduced the “Secure Americans Communication Act” to secure American telecommunications companies, while several federal agencies, including the FBI, NSA, and CISA, have issued guidance on securing private communications in the aftermath of the breach.