These days, news of massive data breaches is no longer as shocking as it used to be. It’s been non-stop news for so long that Americans are becoming numb to these crimes. But when billions of records so far this year have been hijacked by cybercriminals, these mega breaches are serious business—especially for the victims. Keep in mind that all of this intimate information can be used to craft very convincing phishing emails. Just one more reminder to not click on email or text links. Open a browser and go to the desired site, just DON”T CLICK.
Below is a closer look at some of the biggest data breaches (so far) this year.
News of this telecom titan’s breach traveled fast. Still recovering from a cyberattack earlier this year exposing the Social Security numbers and other PII of 73 million customers, past and current, AT&T was recently struck again.
This latest breach also affected AT&T customers past and present. In the ongoing investigation, the company says the stolen data involves the telephone numbers of their cellphone customers, and also the customers of wireless providers using its network. They say their data so far includes the call and data logs of all their customers over a six-month period in 2022. According to the U.S. Department of Justice, the breach has national security implications.
When the public learned about the ransomware attack on Change Healthcare, it was enough to make some customers ill. The company claims they process 15 billion healthcare transactions a year requiring a wealth of sensitive information. They report the ransomed data includes patient medical, personal, and billing information for a “substantial proportion” of the U.S.
The epic breach echoed across the country for weeks, creating mayhem for those involved in healthcare. From pharmacies unable to fill prescriptions to hospitals rescheduling procedures and healthcare providers unable to provide patient care, the aftershock of the ransomware attack was devastating.
For Ticketmasters 560 million of its customers, the news of the Ticketmaster breach wasn’t exactly music to their ears. ShinyHunter hacking group claims they have the PII of 560 million Ticketmaster customers including names and physical addresses, phone numbers and credit card information. It’s reported the group is selling the stolen data on Russian hacking forums.
The attack started after a third-party service provider for Snowflake cloud storage had their credentials hacked. The Ticketmaster breach was part of a domino effect of a growing list of corporate victims across the U.S. using Snowflake’s services.
The National Public Data (NPD) involved the theft of 2.9 billion records, including a lot of very sensitive information. The information has been put on the dark web at a cost of $3.5 million. Breaking news is that NPD inadvertently exposed its own passwords too, making their backend servers accessible too. The fallout is just beginning and several lawsuits against NPD have already been filed, with many more likely.
Being on the “top data breach” list is like membership in a club no one wants to belong to. Despite this, mega breaches have become all too routine. Aside from keeping our fingers crossed, we do have control over our own security hygiene.
- Always watch for those phishing red phlags. If you are made to feel like you have to take action “right now,” consider how true that is. Most likely, it’s phishing.
- Review those healthcare benefits statements. If they look incorrect or there is something on them you’re unsure about, contact your healthcare provider and health insurer to sort it out.
- Don’t reply to texts from unfamiliar senders or answer calls if you aren’t familiar with the phone number. Remember, it’s easy to spoof phone numbers, so be sure you really want to respond.
It’s our responsibility to stay cyber-smart and stay informed because corporate America isn’t doing it for us.