According to the resource center, 1,571 data breaches occurred in the first half of 2024, affecting a total of about 1.08 billion victims, a figure that includes people who appear multiple times in publicly released data breach notifications.
By comparison, in 2023, 3,203 data breaches will affect 418.7 million people.
The total number of data breaches in the first half of this year is 14% higher than the same period in 2023, according to the Resource Center, a nonprofit that tracks publicly disclosed personal and consumer data breaches in the U.S. and also provides online assistance to people with questions about identity theft, fraud and other cybercrime issues.
The resource center’s annual report last year found that there will be more data breaches and leaks of personal and consumer data in the U.S. in 2023 than ever before.
One of the biggest data breaches of 2023 was a cyberattack on MOVEit, a file transfer software tool owned by Progress Software, that affected a variety of companies and organizations, including Dayton-based CareSource and Premier Health.
The majority of data breaches last year and so far this year were the result of cyber attacks.
Data breaches can expose corporate data and personal information such as social security numbers, logins and passwords, credit card numbers, and consumer information.
Data breaches include:
- A breach is when an unauthorized person removes personal information from where it is stored, possibly via a ransomware attack.
- A leak occurs when information that people post online is stolen from a website, and has happened in the past with social media platforms such as Facebook and LinkedIn.
- Breaches that occur due to system or human error are generally considered to be a low risk since there is no indication that information was accessed, copied, or deleted.
Financial services companies experienced the most data breaches in the first half of 2024, followed by healthcare companies, professional services, manufacturing companies, and education, according to the new report.
The Ticketmaster breach affected 560 million people, a figure that was current as of July 17 and based on “unconfirmed information provided by threat actors claiming responsibility for the attack,” according to the report. The data will be updated once Ticketmaster updates its mandatory breach notification, which states that more than 1,000 people were affected, according to the report.
Advance Auto Parts has the second-highest number of victims with 380 million victims so far this year, according to the report, followed by Dell Technologies with 49 million victims.
The 51 million victims of the AT&T data breach that made headlines this year aren’t included in this year’s data because the breach first occurred in 2021, according to the resource center.
The report also noted an increase in the value and use of stolen driver’s license information, reflecting the increased use of driver’s licenses to verify identity in a wider range of transactions in the wake of the COVID-19 pandemic.
Driver’s license data was stolen in 25% of breaches in the first half of this year.
“But just because cybercriminals have access to enough personal information to impersonate most adults doesn’t mean there aren’t steps everyone can take to protect their identities and make their information less valuable to criminals,” Lee said.
He suggests freezing your credit, which is the only way to stop identity thieves from accessing your credit information.
“Credit and identity monitoring that you buy or get because of a data breach can help you know what happened, but it can’t prevent something from happening,” Lee said.
According to the U.S. government’s USA.Gov Money and Credit website, a credit freeze requires contacting all three major credit bureaus — Equifax, Experian, and Transunion — and limits access to your credit report, preventing creditors from approving new credit in your name. After a credit freeze, if you want to take out a loan or get a new credit account in your name, you’ll need to contact the credit bureaus to lift the freeze.
Lee said it’s also important to never reuse the same or similar passwords across multiple accounts. A password manager can help you create and manage your passwords, and a passkey, if available on your mobile device, can provide an extra layer of protection.
Lee also suggests using multi-factor authentication, asking companies that don’t offer it why they don’t offer the option, and switching to a competitor that does.
Follow @LynnHulseyDDN Facebook, Instagram, TikTok and X.
