Current:Home > MyA banner year for data breaches: Cybersecurity expert shows how to protect your privacy-LoTradeCoin
A banner year for data breaches: Cybersecurity expert shows how to protect your privacy
View Date:2024-12-23 21:57:10
Corrections & Clarifications: A previous version of this column misstated details of AT&T's July data breach. It incorrectly included details related to a different breach reported in March.
From big banks to car dealerships, 2024 has been a banner year for data breaches. Yes, I mean that in the worst way possible. I’d be shocked if there’s any American left unexposed at this point. Here are some companies that may have exposed your data:
National Public Data breach: 2.9 billion people exposed
Hard to imagine much worse than a background-check company being hacked. Their entire job is to dig up and collect nonpublic data. A lawsuit claims it was National Public Data’s negligence that exposed 2.9 billion people. Details include Social Security numbers, full names and addresses. Hacking group ASDoD put the database of the stolen information up for sale for $3.5 million. No word yet on any ransom payment.
Through a process called scraping, National Public Data collects and stores personal data from "nonpublic sources" to perform background checks. In other words, the company gathers information that wasn't willingly (or knowingly) handed over.
Depending on what happens in court, National Public Data could be required to purge the personal data of impacted individuals and to encrypt all collected data going forward.
New! For the first time, the award-winning Kim Komando Show is available as a podcast.Find it now in your favorite podcast player.
Ascension ransomware attack: Up to 140 hospitals
In May, an employee at one of the country's biggest health care systems accidentally downloaded malware. What happened next was a cyberattack avalanche.
Ascension runs 140 hospitals in 19 states and Washington, D.C. On May 8, they detected unusual activity within their network. The disruption quickly became so bad that Ascension had to shut down emergency rooms and reroute patients.
Hackers got their hands on seven of Ascension’s 25,000 servers; who was impacted is still under investigation. Ascension recently said around 500 individuals were affected, but I’m willing to bet the final number will be a lot higher.
What to know:2.9 billion records, including Social Security numbers, stolen in data hack
Are you at risk?10 billion passwords have been leaked on a hacker site.
CDK global attack: 15,000 car dealerships
One of the biggest car dealership software companies got hit with a double whammy in June. CDK, used by 15,000 dealerships for payroll and finance tasks, shut down its systems after back-to-back cyberattacks on the 18th and 19th. Rumor has it the ransom payment was worth tens of millions of dollars.
The shutdown majorly disrupted dealership operations and sales. One Lexus dealership in New Jersey reported new car sales down 50% in June.
Change Healthcare attacks
Change Healthcare, a tech firm owned by UnitedHealth, is used by thousands of pharmacies, hospitals and health care facilities to receive payments and process claims.
One attack discovered in late February caused massive disruptions for weeks throughout the U.S. health care system. UnitedHealth paid a whopping $22 million ransom to Russian cybercriminal group BlackCat to stop them from sharing the data they stole.
Then another gang of crooks, RansomHub, claimed they stole data, too. In April, UnitedHealth said a "substantial proportion" of Americans' data was exposed. Estimates say as much as a third of all Americans were impacted. That includes sensitive medical data, including test results, diagnoses and images.
AT&T breach: Nearly all customers
In July, AT&T disclosed that hackers stole data from “nearly all” current and former customers after accessing a workspace on a third-party cloud platform. That data included phone call and text message records from May 1, 2022, to Oct. 31, 2022, as well as on Jan. 2, 2023. They reportedly paid hackers a $370,000 ransom to delete the information, though AT&T has not confirmed that.
Honorable mention
◾ Advance Auto Parts (July): Personal information of over 2.3 million individuals was stolen.
◾ Roku (April): Through “credential stuffing” aka using logins leaked in other breaches, hackers accessed around 591,000 accounts. No financial info was accessed.
◾ Truist Bank (June): Hacking group Sp1d3r stole information about 65,000 employees and posted it for sale online.
◾ Tile (June): Life360, the company behind Tile tracker devices, reported a breach that included names, addresses, email addresses, phone numbers and device identification numbers.
◾ Ticketmaster (June): This one impacted 560 million customers; data included names, addresses, phone numbers, email addresses, order history and partial payment info.
◾ Dropbox (May): Attackers accessed Dropbox Sign's development environment, compromising customer information.
◾ TeamViewer (July): Employee directory data, including names and encrypted passwords, was exposed.
Locked down
You can't stop a hacker from breaching a major company, but you can protect yourself from the fallout.
Double-check all health care communications. If you receive an explanation of benefits (EOB) or a bill for services you didn’t receive, contact your health care provider and insurance company ASAP. It likely means someone is using your benefits for their own health care.
Treat email requests with caution. Be skeptical of anything that seems super urgent. It's OK to slow down for safety. My rule of thumb: If it’s a strange written request, like a text or email, I make a phone call.
Be wary of “old friends” who appear out of nowhere. It could be a hacker who happens to have a little (stolen) info. Take time to confirm they are who they say they are.
Make a list of exposed data. Keep this digitally or just on a Post-it. Be suspicious of anyone who references it in an email or phone call. Say the company you financed your car through was hacked. Alarm bells should rise if you get a call out of the blue that there’s a major issue with your loan.
Update your PIN and banking login credentials. Even if they weren’t involved directly in the breach, hackers can use your personal info to access it. Keep an eye on your bank and credit card statements for anything out of the ordinary. Set up banking alerts on your phone while you’re at it.
Freeze your credit. This will keep scammers from opening a credit card or loan in your name. Like setting up a fraud alert, you’ll need to contact each of the three credit bureaus.
The views and opinions expressed in this column are the author's and do not necessarily reflect those of USA TODAY. Learn about all the latest technology on the Kim Komando Show, the nation's largest weekend radio talk show. Kim takes calls and dispenses advice on today's digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, free newsletters and more, visit her website.
veryGood! (782)
Related
- NYC bans unusual practice of forcing tenants to pay real estate brokers hired by landlords
- Indigenous Leaders Urge COP28 Negotiators to Focus on Preventing Loss and Damage and Drastically Reducing Emissions
- Did embarrassment of losing a home to foreclosure lead to murder?
- Jim Harbaugh set for $1.5 million in bonuses after Michigan beats Iowa for Big Ten title
- Deebo Samuel explains 'out of character' sideline altercation with 49ers long snapper, kicker
- Exclusive: MLB execs Billy Bean, Catalina Villegas – who fight for inclusion – now battle cancer
- An Israeli raced to confront Palestinian attackers. He was then killed by an Israeli soldier
- Vermont day care provider convicted of causing infant’s death with doses of antihistamine
- The Daily Money: Markets react to Election 2024
- In Mexico, a Japanese traditional dancer shows how body movement speaks beyond culture and religion
Ranking
- This is Your Sign To Share this Luxury Gift Guide With Your Partner *Hint* *Hint
- Indigenous Leaders Urge COP28 Negotiators to Focus on Preventing Loss and Damage and Drastically Reducing Emissions
- Chinese developer Evergrande risking liquidation if creditors veto its plan for handling huge debts
- Vote count begins in 4 Indian states pitting opposition against premier Modi ahead of 2024 election
- 'Treacherous conditions' in NYC: Firefighters battling record number of brush fires
- Alabama, Nick Saban again run the SEC but will it mean spot in College Football Playoff?
- Defense head calls out those who advocate isolationism and ‘an American retreat from responsibility’
- Why solar-powered canoes could be good for the future of the rainforest
Recommendation
-
Judge hears case over Montana rule blocking trans residents from changing sex on birth certificate
-
Send-offs show Carlton Pearson’s split legacy spurred by his inclusive beliefs, rejection of hell
-
Italy reportedly refused Munich museum’s request to return ancient Roman statue bought by Hitler
-
20 Kick-Ass Secrets About Charlie's Angels Revealed
-
Mattel says it ‘deeply’ regrets misprint on ‘Wicked’ dolls packaging that links to porn site
-
Blake Lively Shares Her Thoughts on Beyoncé and Taylor Swift Aligning
-
Washington gets past Oregon to win Pac-12 title. What it means for College Football Playoff
-
Venezuelans to vote in referendum over large swathe of territory under dispute with Guyana