The biggest data breaches in 2024 (plus: an ‘epic fail’ award, overlooked cybersecurity practices, & more)

As we move into the last quarter of the year, it’s only fitting to start looking back on some of its key moments—and that includes the biggest, most damaging data breaches.

With over 1 billion records stolen so far, these breaches include both personal and medical data. They not only affect the individuals whose data was exposed, but also empower the cybercriminals who profit from such attacks.

The list, compiled by TechCrunch, includes breaches affecting AT&T (with two breaches just months apart), Change Healthcare, Synnovis, Ticketmaster, USPS, Evolve Bank, and more. 

What’s the lesson here?

If the list above teaches us one thing, it’s that no one is immune to the threat of cyberattacks. While the frequency of these incidents doesn’t seem to be slowing down, it’s our responsibility to keep both our personal and business-critical data safe. That means training your teams to recognize malicious attacks, keeping your software up-to-date, implementing endpoint security, and much more. 

What other topics are trending?

• Park’N Fly data breach included personal information of 1M Canadian customers, company says: The popular airport parking service confirmed that a third-party had breached its networks through an unauthorized remote VPN sometime between July 11 and 13. The company’s platforms were fully restored within five days of the incident, it said.
• Indie studio pulls its first game from Steam after realizing it lost the source code: Quantum Lock, a cyberspace freeze tag game by Fat Bomb Studios, was delisted because the original was stored on a portable hard drive—and no alternative backup solution existed.
• CrowdStrike accepts award for ‘most epic fail’ after global IT outage: The company’s president Michael Sentonas took the stage at the Pwnie Awards to accept the award.

The Soapbox: Online conversations you can’t afford to miss

Featuring insights from our Co-Founder & CTO, James Ciesielski.

What’s the most overlooked yet crucial cybersecurity practice?

James’ take? I definitely agree that a lot of cybersecurity incidents can simply be traced back to lack of awareness. With human error being one of the most common causes of data loss, it’s imperative that organizations train their staff on best practices. 

Join the conversation on Reddit.

The hardest parts of employee offboarding

James’ take? Many organizations spend all their time focusing on onboarding, and neglect the offboarding process (which is just as important!). A mistake like this only reinforces the need for things like service accounts and proper tracking of employee offboarding activities like transferring ownership and revoking access to systems in a timely manner.

Join the conversation on X.

Subscribe to Retro for more!

Like what you read? Subscribe to Retro so you don’t miss any of our industry’s top stories and conversations.