In 2024, cybercrime reached unprecedented levels in the United States, with the FBI’s Internet Crime Complaint Center (IC3) reporting over $16.6 billion in losses—a staggering 33% increase from the previous year.
Key takeaways include:
- Cyber-enabled fraud is responsible for almost 83% of all losses reported to IC3 in 2024. Investment fraud caused the highest dollar amount of losses, at more than $6.57 billion.
- Phishing and spoofing scams remained the most commonly reported crimes, followed by extortion and personal data breaches.
- Cyber threats caused over $1.57 billion in losses last year, accounting for over 260,000 of the received complaints. More than 4,800 complaints came from critical infrastructure organizations.
- Ransomware and data breaches were the most reported cyber threats among critical infrastructure entities, and in 2024, the IC3 identified 67 new ransomware variants.
What’s the lesson here?
Sadly, it seems crime does pay. At $16.6 billion, cybercrime out-“earned” the US box office’s $8.56 billion in 2024 by almost a factor of two. The surge in both the volume and sophistication of cybercrime illustrates a troubling escalation and emphasizes the urgent need for stronger cyber defenses and public awareness.
Looking at the most frequent crime types, it’s clear that social engineering has become an extremely popular and effective attack vector. With billions lost to scams that prey on human error, it’s critical for organizations to strengthen not only their defenses but also their resilience. A strong SaaS data backup strategy can mean the difference between a quick recovery and catastrophic loss, making it a key pillar of any modern cybersecurity plan.
What other topics are trending?
- Blue Shield of California leaked health data of 4.7 million members to Google: From April 2021 to January 2024, Blue Shield of California potentially shared sensitive patient information—including names and medical claim details—of 4.7 million members with Google. The culprit: A Google Analytics misconfiguration.
- The Washington Post partners with OpenAI on search content: This licensing deal means that ChatGPT users will see Washington Post articles, snippets, and links appear alongside AP, Vox, and the Financial Times.
- WorkComposer app leaks over 21 million employee screenshots: The app, designed to track employee productivity by logging keystrokes and taking screenshots, has suffered a significant privacy breach due to an unsecured Amazon S3 bucket—leaving a wealth of sensitive information exposed.
The Soapbox: Online conversations you don’t want to miss
Featuring insights from our Co-Founder & CTO, James Ciesielski.
Lurking in the shadows: Study finds 50% of workers use unapproved AI tools
James’ take? Most folks who are downloading these AI tools don’t have malicious intentions—they’re simply looking to enhance their productivity. But that doesn’t mean that there aren’t inherent risks. As with any Shadow IT, organizations can mitigate the threat by auditing what apps their employees are using, invest in training and awareness campaigns, and ensure they have a comprehensive set of data controls in place.
Join the conversation on X.
Want a bite? Cookie-Bite attack PoC uses Chrome extension to steal session tokens
James’ take? This attack serves as a great reminder that even tools designed to enhance productivity, like a simple browser extension, can conceal malicious intent. To mitigate such risks, organizations must implement a multi-layered security strategy. This includes enforcing strict controls over applications and browser extensions, prioritizing user education, and maintaining a robust data backup plan to ensure swift recovery in the face of disaster.
Join the conversation on Linkedin.
Industry news
Rewind is now available in AWS Marketplace
Rewind has teamed up with Amazon Web Services (AWS) to make our backup and recovery solutions for Confluence, Jira, Bitbucket, GitHub and Azure DevOps available in AWS Marketplace. By joining forces, we’re offering a seamless procurement and billing option to Rewind customers who use AWS. Our customers will reap the benefits of simplified vendor management while being able to leverage their AWS committed spend.
Join Rewind at AWS re:Inforce 2025
June 16-18, 2025 | Philadelphia, PA
Body: Attending AWS re:Inforce 2025 in Philly? Team Rewind will be at booth #432, ready to dive into the importance of backing up and securely restoring SaaS data to ensure business continuity and compliance. Don’t miss our Co-Founder James Ciesielski’s session on June 17 at 9:00am, Your DevOps Stack Has a Blind Spot: Data Resilience.
Subscribe to Retro for more!
Like what you read? Subscribe to Retro so you don’t miss any of our industry’s top stories and conversations.
Miriam Saslove">
