As 2024 wraps up, cyberattacks caused major headaches across various industries, most often in healthcare and critical infrastructure. This year, we’ve seen a surge in ransomware attacks hitting healthcare providers, leading to stolen patient data and service disruptions.
Additionally, Chinese espionage activities have intensified, targeting U.S. and allied nations’ critical sectors to potentially disrupt services amid geopolitical tensions.
Here are some of the top cyberattacks that made headlines in 2024.
LoanDepot Ransomware Attack
In January, LoanDepot, a major U.S. mortgage lender, suffered a ransomware attack that disrupted customer mortgage payments. The breach exposed sensitive information of approximately 16.6 million customers, including Social Security and financial account numbers. Recovery efforts cost the company $26.9 million.
Ivanti Zero-Day Vulnerabilities Exploited
Early 2024 saw the exploitation of critical zero-day vulnerabilities in Ivanti products, affecting sectors like government, military, and finance. Chinese state-sponsored actors utilized these flaws for espionage, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue emergency directives for mitigation.
Volt Typhoon’s Infiltration
In January, the U.S. Department of Justice disrupted a cyber espionage campaign by Chinese actor Volt Typhoon, which had infiltrated U.S. critical infrastructure sectors, including communications and energy. This operation was viewed as a strategic move by China to prepare for potential disruptions during geopolitical conflicts.
Change Healthcare Ransomware Incident
February reports revealed that Change Healthcare faced a ransomware attack causing nationwide prescription delays. UnitedHealth Group, its parent company, paid a $22 million ransom to the ALPHV/BlackCat group. The breach affected approximately 100 million individuals, marking it as the largest known data breach of U.S. healthcare records.
Ticketmaster Data Breach
In June, Ticketmaster’s parent company, Live Nation, confirmed a data breach where hackers stole personal information of 560 million customers. The attackers, known as ShinyHunters, demanded a $500,000 ransom, highlighting persistent cybersecurity challenges in the entertainment industry. A proposed class action lawsuit against Live Nation and Ticketmaster filed in May alleges that the breach was a direct result of the defendants’ failure to implement “adequate and reasonable” cybersecurity procedures and protocols.
Ascension Health System Attack
May witnessed a ransomware attack on Ascension, a nonprofit health system, disrupting clinical operations and leading to emergency care diversions. Investigations indicated that patient health information was likely stolen, emphasizing the need for robust cybersecurity in healthcare.
Snowflake Data Breach
In June, threat actors compromised customer data from Snowflake’s multi-cloud platform, affecting 165 organizations. High-profile breaches, including those of Live Nation and Santander, were linked to this incident, underscoring vulnerabilities in cloud data storage.
Columbus Ransomware Attack
July brought a ransomware attack on Columbus, Ohio, causing IT service outages and exposing sensitive data of about 500,000 residents. The Rhysida ransomware group was responsible, marking one of the most significant public sector data breaches in recent history.
Seattle Airport Cyber-Attack
In August, the Port of Seattle faced a ransomware attack disrupting Seattle–Tacoma International Airport operations ahead of the Labor Day holiday. The Rhysida group claimed responsibility, with system restorations completed within a week.
Chinese Espionage on U.S. Officials
In November 2024, during the presidential election, reports revealed a Chinese espionage campaign that compromised U.S. government officials’ data through breaches in telecommunications providers. The phones of President Donald Trump and Vice President-elect J.D. Vance were affected, raising significant national security concerns.
These incidents highlight the escalating cyber threats in 2024, emphasizing the critical need for enhanced cybersecurity measures across all sectors.
