Here’s a recap of the top 10 cybersecurity incidents of 2024, based on the most impactful and widely reported events:
Details: Volt Typhoon, a China-backed group, compromised and held persistent access to U.S. critical infrastructure networks in the communications, energy, and transportation sectors, in what U.S. agencies assessed was pre-positioning for disruption in a future crisis rather than an immediate destructive attack. To hide its traffic, the group built the KV Botnet out of end-of-life small office/home office (SOHO) routers, mainly Cisco and NetGear models that no longer receive security updates, and routed its operations through them so that activity appeared to come from ordinary U.S. residential and small-business addresses.
Impact: In January 2024 the FBI, acting under a court order, removed the KV Botnet malware from infected routers and cut them off from the attackers' command-and-control. The disruption did not remove Volt Typhoon from the victim networks themselves, and the episode showed how unpatched, out-of-support edge devices give state actors a foothold that blends in with normal traffic.
Details: In February, the BlackCat (ALPHV) ransomware group hit Change Healthcare, the UnitedHealth subsidiary that processes a large share of U.S. medical claims, taking pharmacy, billing and eligibility systems offline for weeks. Initial access came through a Citrix remote-access portal protected only by a stolen password, with no MFA enabled. UnitedHealth later estimated that data on roughly 100 million people was exposed, an estimate it subsequently revised upward.
Impact: UnitedHealth reportedly paid a $22 million ransom, but paying did not end the extortion: the affiliate who carried out the intrusion said BlackCat kept the money, and the stolen data later resurfaced on a second group's leak site. The data included medical records, diagnoses, and insurance details, making this one of the largest healthcare breaches on record.
Details: Attackers used credentials harvested by infostealer malware, some of them years old, to log in to customer accounts on Snowflake, a cloud data platform. The accounts had no multi-factor authentication (MFA) enabled and no network policy limiting where logins could originate. Snowflake's own platform was not breached; the compromise was of its customers' accounts. Data belonging to about 165 organizations, including Ticketmaster and Santander Bank, was stolen and offered for sale.
Impact: Sensitive data on millions of end users was leaked. Snowflake responded by adding controls that let administrators require MFA for every user in an account and by pushing customers toward network policies and credential rotation.
Details: A 26-billion-record data dump, dubbed the "Mother of All Breaches," was found exposed on an open storage instance in January. It contained data from platforms including LinkedIn, Telegram, and Adobe, and was a compilation of many earlier breaches rather than a new intrusion into those companies.
Impact: Because most of the records were already circulating, the new exposure was limited, but aggregating billions of credentials and profiles in one searchable set makes credential stuffing and targeted phishing easier against anyone who has reused a password.
Details: Midnight Blizzard (also tracked as APT29, tied to Russia's SVR) compromised Microsoft corporate email, including mailboxes of senior leadership and of the cybersecurity and legal teams. The group password-sprayed a legacy, non-production test tenant account that had no MFA, then abused a legacy OAuth application with elevated permissions to reach the corporate environment. Microsoft later notified U.S. federal agencies whose correspondence with the company was among the stolen messages.
Impact: Sensitive communications, including source code and internal secrets in some email threads, were stolen, raising national-security concerns and prompting a critical federal review of Microsoft's security culture.
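As an added illustration (not part of the original recap, and not code from Snowflake or Microsoft), the Python below sketches the detection logic a security team would run over login telemetry to catch the two patterns behind the Snowflake account compromises and the Midnight Blizzard intrusion: successful password-only logins with no second factor, and password spraying from one source IP that eventually lands on an MFA-less account. The field names follow the columns of Snowflake's LOGIN_HISTORY view, but the events are constructed sample data, and the spray threshold is an arbitrary assumption for the example.

```python
"""Detection logic for the two login-abuse patterns behind the Snowflake
customer compromises and the Midnight Blizzard intrusion: successful
password-only logins with no second factor, and password spraying (one
source IP failing against many distinct usernames before succeeding on one).

Rows mirror the column names of Snowflake's
SNOWFLAKE.ACCOUNT_USAGE.LOGIN_HISTORY view, but SAMPLE_EVENTS below is
constructed sample data, not an export from any real account.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class LoginEvent:
    event_timestamp: datetime
    user_name: str
    client_ip: str
    reported_client_type: str
    first_authentication_factor: str
    second_authentication_factor: Optional[str]  # None == no MFA challenge
    is_success: bool


def _ev(ts: str, user: str, ip: str, client: str,
        second: Optional[str], ok: bool) -> LoginEvent:
    """Shorthand for a password-based login event (constructed data)."""
    return LoginEvent(datetime.fromisoformat(ts), user, ip, client,
                      "PASSWORD", second, ok)


# Constructed sample: one healthy MFA login, one replay of a stolen password
# from an unfamiliar driver/IP with no MFA, and a spray from 203.0.113.7 that
# ends with a successful login to an MFA-less service account.
SAMPLE_EVENTS: List[LoginEvent] = [
    _ev("2024-05-20T08:01:00", "analyst1", "198.51.100.23", "SNOWFLAKE_UI", "DUO_PUSH", True),
    _ev("2024-05-20T09:15:00", "dataeng", "192.0.2.44", "PYTHON_DRIVER", None, True),
] + [
    _ev(f"2024-05-20T03:0{i}:00", user, "203.0.113.7", "JDBC_DRIVER", None, False)
    for i, user in enumerate(["alice", "bob", "carol", "dave", "erin", "frank"])
] + [
    _ev("2024-05-20T03:06:00", "svc_legacy", "203.0.113.7", "JDBC_DRIVER", None, True),
]

SPRAY_MIN_DISTINCT_USERS = 5  # tuning knob; an assumption for this example


def single_factor_logins(events: List[LoginEvent]) -> List[str]:
    """Users who logged in successfully with only a password. In both
    incidents this was the precondition the attackers relied on."""
    return sorted({
        e.user_name for e in events
        if e.is_success
        and e.first_authentication_factor == "PASSWORD"
        and e.second_authentication_factor is None
    })


def password_spray_sources(events: List[LoginEvent],
                           min_users: int = SPRAY_MIN_DISTINCT_USERS
                           ) -> Dict[str, Tuple[int, List[str]]]:
    """Source IPs whose failed password logins spread across many distinct
    usernames (spraying), paired with any accounts they then succeeded on."""
    failed: Dict[str, set] = defaultdict(set)
    succeeded: Dict[str, set] = defaultdict(set)
    for e in events:
        if e.first_authentication_factor != "PASSWORD":
            continue
        (succeeded if e.is_success else failed)[e.client_ip].add(e.user_name)
    return {
        ip: (len(users), sorted(succeeded[ip]))
        for ip, users in failed.items() if len(users) >= min_users
    }


def triage(events: List[LoginEvent]) -> List[str]:
    """Human-readable findings; sprays that landed are listed first."""
    findings = []
    for ip, (n_failed, landed) in sorted(password_spray_sources(events).items()):
        tail = f", then logged in as {', '.join(landed)}" if landed else ""
        findings.append(f"password spray from {ip}: {n_failed} distinct users failed{tail}")
    for user in single_factor_logins(events):
        findings.append(f"single-factor login: {user} (enforce MFA or block password auth)")
    return findings


if __name__ == "__main__":
    for line in triage(SAMPLE_EVENTS):
        print(line)
```

Run on the sample, it flags the spray source that landed on svc_legacy and the two accounts that authenticated with a bare password. In a real deployment the same two queries would run against the LOGIN_HISTORY view on a schedule, and the single-factor list is the set of users to enrol in MFA (or to block from password authentication entirely) before an infostealer log catches up with them.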
Details: Another China-linked group, Salt Typhoon, penetrated U.S. telecom providers including Verizon and AT&T. The intruders accessed call records and private communications, including those of political figures, and reached the systems carriers use to fulfil court-ordered wiretaps.
Impact: Described by Senator Mark Warner as the "worst telecom hack in U.S. history," it exposed how deeply core communication infrastructure, including lawful-intercept systems, could be compromised without detection.
Details: Two zero-day vulnerabilities in Ivanti Connect Secure and Policy Secure VPN appliances, an authentication bypass (CVE-2023-46805) chained with a command injection (CVE-2024-21887), were exploited from December 2023 by a suspected Chinese espionage actor tracked as UNC5221, compromising thousands of devices, including some used by U.S. government agencies. Because the flaws sat on the internet-facing appliance itself, attackers gained code execution before any user authentication.
Impact: CISA issued an emergency directive ordering federal agencies to disconnect affected appliances, and organizations worldwide scrambled to apply mitigations and then patches. The episode highlighted the risk of unpatched security appliances that sit at the network edge with limited logging and no endpoint protection.
Details: An attacker obtained about 49 million Dell customer records, including names, addresses, and order details. By the attacker's own account, the data was scraped by brute-forcing a partner portal that returned order records without rate limiting. The data was later offered for sale on underground forums.
Impact: No financial or payment data was exposed, but names paired with physical addresses and purchase histories give phishers and scammers convincing material for targeted fraud and identity theft.
Details: Ukrainian hackers, reported to be working with Ukraine's military intelligence (HUR), targeted Russia's Planeta research center and wiped about 2 petabytes of data. The attack disrupted weather, climate and satellite-imagery processing tied to both military and civilian operations.
Impact: HUR estimated the damage at $10 million, with long-term effects on Russian research capabilities. The incident is a reminder that wiper attacks, not only data theft, are part of the nation-state toolkit.
Details: CDK Global, a software provider whose dealer management system underpins roughly 15,000 North American car dealerships, suffered two back-to-back ransomware attacks in June, the second striking while recovery from the first was under way. CDK shut its systems down, pushing dealerships back to paper for sales, financing and service for about two weeks.
Impact: The company reportedly paid a ransom of about $25 million to restore systems. The outage showed how a single software supplier can become a chokepoint for an entire industry, with the cost of the disruption falling largely on customers who had no say in the provider's security.
Ransomware Surge: Groups like BlackCat and RansomHub dominated, targeting critical sectors like healthcare and finance.
Nation-State Espionage: Chinese and Russian actors escalated attacks on U.S. infrastructure and government systems.
Supply Chain Vulnerabilities: Attacks on shared platforms like Snowflake and CDK Global showed how one provider's weakness cascades to every customer that depends on it.
Healthcare Under Siege: Multiple attacks disrupted patient care and exposed sensitive medical data.
These incidents underscore the need for stronger cybersecurity measures: MFA on every internet-facing and administrative login, prompt patching (or retirement) of edge devices and appliances, and incident response plans that are tested before they are needed.
© Copyright 2023. Optimal Outcomes. All rights reserved.