Number of US Data Breach Victims Jump Nearly 500 Percent in 2024 First Half

Hackers are looking to breach U.S. critical infrastructure, targeting industrial control systems at ‘record levels,’ warned an intelligence official.
Number of US Data Breach Victims Jump Nearly 500 Percent in 2024 First Half
A member of the hacking group Red Hacker Alliance who refused to give his real name uses a website that monitors global cyberattacks on his computer at its office in Dongguan, Guangdong Province, China, on Aug. 4, 2020. Nicolas Asfouri/AFP via Getty Images
Naveen Athrappully
Updated:
0:00

The number of data breach victims in the United States surged by almost five-fold during the January–June period this year, mostly due to a few large hacking events that affected millions of people, according to the nonprofit Identity Theft Resource Center (ITRC).

There were an estimated 1.07 billion data breach victims in the first half of 2024, which was a 490 percent increase from the same period last year, the ITRC said in a July 17 statement. The majority of victims, more than 1.04 billion, were announced or updated in the second quarter. For instance, the breach at cloud data storage firm Snowflake accounted for more than 900 million victims in the second quarter, while software firm Infosys McCamish System updated its victim count from around 84,000 in February to 6 million in the second quarter.

The second quarter of 2024 saw the third-highest data breach victim count in any quarter, the nonprofit stated. However, the estimated victim count is considerably higher as the report did not account for the Change Healthcare supply chain attack. This breach affects one-third of Americans, a company official stated in May.

Even though the number of breach victims in the first half surged by almost fivefold, the number of security incidents did not see any such spike. There were 1,571 publicly reported data compromises in the first half of 2024, a roughly 14 percent increase from the first half of 2023, the ITRC said.

“The takeaway from this report is simple: Every person, business, institution and government agency must view data and identity protection with a greater sense of urgency,” said Eva Velasquez, president and CEO of ITRC.

Data compromises rose in 10 of the 16 industries tracked by ITRC. Financial services were the most affected, with 407 compromises, followed by the health care, professional services, manufacturing, and education sectors.

The company with the largest number of reported victims was Ticketmaster Entertainment, with an estimated 560 million affected individuals, followed by Advance Auto Parts, Dell, LoanDepot, and the Kaiser Foundation.

“Driver’s License data was stolen in 25 percent of data breaches according to notices issued this year,” ITRC stated, reflecting a post-pandemic trend.

Cyber Threat Facing America

The report follows warnings from security experts that critical U.S. infrastructure such as communication networks and energy supplies face an increasing threat from cyber criminals.
In May, Director of National Intelligence Avril Haines told lawmakers during a hearing of the Senate Armed Services Committee that malicious actors were preparing for a major conflict and had ramped up attacks against critical infrastructure.

She said the number of cyberattacks rose by 74 percent globally last year, with many of these attacks targeting U.S. health care and industrial control systems.

“Cyber actors are attacking U.S. industrial control systems which are typically used to automate industrial processes at record levels,” Ms. Haines said. “These actors put a premium on preparing offensive capability during peacetime, in part by preemptively planting footholds in our infrastructure.”

In February, FBI Director Christopher Wray pointed to the Chinese Community Party as a key cyber threat to U.S. infrastructure.

Hackers sponsored by China were “pre-positioned” for potential cyberattacks against U.S. natural gas and oil companies in 2011, he said during a security conference.

“But these days, it’s reached something closer to a fever pitch,” he stated. “What we’re seeing now is China’s increasing build-out of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right.”

Israel Soong, director for East Asia and Pacific cyber policy at the National Security Council, recently revealed that Chinese hackers had maintained persistent access to U.S. and allied systems for years.

In the event of any conflict, China will use such cyber access to “cripple” critical systems such as communication platforms and power grids.

The Chinese regime has heavily invested in boosting its cyber capabilities since its national strategy calls for “actively and intentionally” dominating these areas, he said.

“Beijing sees cyber and emerging technology as critical to the strategy to reshape the United States-led international order to be more favorable to the priorities of the Chinese Communist Party,” he said.

Naveen Athrappully
Naveen Athrappully
Author
Naveen Athrappully is a news reporter covering business and world events at The Epoch Times.