As we continue to reflect on the cybersecurity landscape of 2024, it's evident that this year has been marked by numerous significant data breaches. In this second part of our review, we focus on four major incidents that have had a profound impact on both organizations and individuals.
Dell Technologies
The Dell Technologies breach affected about fifty million records, exposing customer names, email addresses, and hashed passwords. A hacker was able to register as a partner and brute-force his way to a database storing customer information over the course of several weeks without Dell noticing. The partner onboarding process did not seem to thoroughly vet the real identity and interests of the actor.

Life360
Life360, a popular family safety app, experienced a significant data breach that compromised about half a million records. The breach resulted from an unsecured API endpoint, which exposed sensitive information such as emails, phone numbers, and full names in the API response, even though it was not visible to users.
APIs generally lack user interfaces, but like end-user applications, they need robust authentication mechanisms to verify the entities communicating with them, especially when exposed online.
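The exposure pattern described above, as an added example that is not code from the original article or from any vendor: a handler that serializes the whole record without authentication, beside one that authenticates the caller and emits only allow-listed fields. The record layout, field names, tokens, and function names are all assumptions made up for illustration.

```python
import hmac

# Constructed sample records; field names are assumptions, not a real schema.
USERS = {
    "u1": {"id": "u1", "display_name": "Sam", "full_name": "Sam Example",
           "email": "sam@example.test", "phone": "+1-555-0100"},
    "u2": {"id": "u2", "display_name": "Alex", "full_name": "Alex Example",
           "email": "alex@example.test", "phone": "+1-555-0101"},
}
# Constructed token store mapping bearer tokens to user ids.
TOKENS = {"token-for-u1": "u1", "token-for-u2": "u2"}

# What any authenticated caller may see, and what only the owner may see.
PUBLIC_FIELDS = ("id", "display_name")
OWNER_FIELDS = PUBLIC_FIELDS + ("full_name", "email", "phone")


class Unauthorized(Exception):
    """Raised when the caller presents no token or an unknown one."""


def authenticate(token):
    """Return the caller's user id, comparing tokens in constant time."""
    if token is not None:
        for known, user_id in TOKENS.items():
            if hmac.compare_digest(known.encode(), token.encode()):
                return user_id
    raise Unauthorized("missing or invalid token")


def get_user_weak(user_id, token=None):
    """Weak pattern: no authentication, and the full record is serialized.
    The client UI may hide email and phone, but the response carries them."""
    return dict(USERS[user_id])


def get_user_hardened(user_id, token=None):
    """Authenticate first, then emit only the fields this caller may see."""
    caller = authenticate(token)
    record = USERS[user_id]
    allowed = OWNER_FIELDS if caller == user_id else PUBLIC_FIELDS
    return {field: record[field] for field in allowed}
```

Filtering on the server by allow-list means a field added to the record later stays out of responses until someone deliberately exposes it.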
Discord
Discord, a widely used communication platform, experienced a breach that compromised billions of messages from hundreds of millions of users. The breach exploited a vulnerability in the website code, underscoring the importance of regular security assessments and code reviews to identify and fix vulnerabilities.
Change Healthcare
Change Healthcare, a healthcare technology company and subsidiary of the UnitedHealth Group that processes billions of healthcare transactions annually, experienced the largest healthcare data breach ever. The breach affected over a hundred million records, exposing Social Security numbers, medical records, and financial information. It caused even more disruption because of the number of healthcare organizations that relied on Change Healthcare's systems. Patients were prevented from obtaining medications unless they were able to pay for them out of their own pockets. The investigation revealed that a ransomware affiliate used compromised credentials for a Citrix portal that did not have multifactor authentication enabled.
Final Thoughts
The data breaches of 2024 have shown us that no organization is immune to cyber threats. Even with preventive measures in place, such as multifactor authentication, encryption, and employee training, breaches can still occur. It is therefore vital to establish a robust incident response plan to minimize damage when a breach happens. Such a plan should include immediate communication, damage assessment, remediation steps, and periodic review.