The number of data breach victims is up 490% in the first half of 2024

The number of data breach victims is up 490% in the first half of 2024

Year to date, data breaches have impacted just shy of 1.1 billion people, according to new data from the Identity Theft Resource Center.

BY Chris Morris

2024 is looking like a banner year for identity thieves—and a pretty lousy one in that regard for pretty much anyone else.

The Identity Theft Resource Center (ITRC) says the number of data breaches in the first half of 2024 (about 1.1 billion) marks a 490% uptick over the first half of the year prior. The number of data breach victims in just the second quarter of 2024 (1 billion) represented a jaw-dropping 1,170% increase over Q2 2023. (For comparison, the total number of people impacted by data breaches in all of 2023 totaled slightly more than 353 million.)

The 2024 midyear report found 1,571 publicly reported data compromises in the first six months, a 14% increase from a year ago. The huge jump in victims, though, came from a small handful of attacks. Of particular note, the group cited the following:

  • Breaches of some clients using the Snowflake cloud service accounted for more than 900 million victims.
  • Infosys McCamish System saw a data breach in February that the company estimates affected 6 million people.
  • Prudential Financial’s February 2024 breach impacted some 2.5 million people.

The actual number of victims could grow significantly. Not included in the 2024 figures are the victims of the Change Healthcare supply chain attack. Officials at that company have not given a specific number of victims in the breach, but did predict “a substantial number” of U.S. residents could be impacted.

“The trends we saw emerge in 2023 that led to a record-breaking year in compromises are continuing into 2024,” Eva Velasquez, president and CEO of the Identity Theft Resource Center, said in a statement. “The takeaway from this report is simple: Every person, business, institution, and government agency must view data and identity protection with a greater sense of urgency.”

Also concerning was the lack of clarity on a number of attacks. The ITRC says nearly 7 out of every 10 breaches did not disclose what sort of cyberattack they suffered, which could increase the chances of other businesses (and individuals) falling victim to the same methods.

Financial services companies have seen the biggest jump in the number of attacks so far this year, with a 67% increase. Healthcare companies were the second-most breached sector.

As for what the data thieves are looking for? The ITRC says driver’s license data was stolen in 25% of the breaches disclosed in the first half of this year. Data thieves increasingly use that information as an identity verification method for other sorts of fraudulent transactions.

The surge in victims follows a year that saw the largest number of data compromises on record, with 3,205 attacks reported by various companies.


ABOUT THE AUTHOR

Chris Morris is a contributing writer at Fast Company, covering business, technology, and entertainment, helping readers make sense of complex moves in the world of tech and finance and offering behind the scenes looks at everything from theme parks to the video game industry. Chris is a veteran journalist with more than 35 years of experience, more than half of which were spent with some of the Internet’s biggest sites, including CNNMoney.com, where he was director of content development, and Yahoo! Finance, where he was managing editor 


Fast Company

(14)