Are Our Cybersecurity Measures Ready for the Emerging Threats of 2025? A Look Back at the Worst Hacks of 2024
The number of cyberattacks and data breaches reached alarming levels in 2024, highlighting the increasing sophistication and scale of cyber threats impacting critical sectors like healthcare, telecommunications, and government infrastructure.
Cybersecurity is more important than ever for both individuals and organizations. Now that we are mere weeks into 2025, it's vital to reflect on the major breaches that occurred last year and significantly impacted various industries. The telecommunications, cloud storage, and healthcare sectors faced some of the most severe attacks, revealing critical weaknesses and underscoring the need for stronger cybersecurity measures. In this post, we'll examine these breaches and discuss emerging threats that organizations must prepare for as we continue through 2025.
A look back at just some of the more serious cyberattacks of 2024:
1. LoanDepot Ransomware Attack
- Date: January 2024
- Details: LoanDepot, a major loan and mortgage company, suffered a ransomware attack carried out by the ALPHV/BlackCat group. The breach exposed the personal information of nearly 17 million customers, including names, addresses, phone numbers, dates of birth, email addresses, Social Security numbers, and financial account details.
2. Change Healthcare Ransomware Attack
- Date: February 2024
- Details: The BlackCat (ALPHV) group targeted Change Healthcare, a subsidiary of UnitedHealth Group, disrupting U.S. healthcare services. Sensitive data was exfiltrated, halting medical claims processing nationwide and costing UnitedHealth Group approximately $2.87 billion in response efforts.
3. Salt Typhoon Telecom Attacks
- Date: December 2024
- Details: Chinese state-sponsored hackers breached major U.S. telecom providers, including AT&T, Verizon, T-Mobile, and Lumen Technologies. The attack compromised call metadata, geolocation information, and even audio recordings of high-profile individuals, raising national security concerns.
4. National Public Data Breach
- Date: April 2024
- Details: A massive breach exposed the data of 1.3 billion individuals. The stolen records were listed for sale on the dark web, leading to the collapse of the company responsible, Jerico Pictures.
5. Snowflake Ransomware Attack
- Date: June 2024
- Details: A ransomware attack impacted Snowflake's cloud infrastructure, disrupting services for clients like Ticketmaster and exposing sensitive customer data.
6. AT&T Data Breaches
- Dates: March and later in 2024
- Details: AT&T suffered two breaches affecting over 110 million users combined. These incidents exposed Social Security numbers, account details, and passcodes.
7. The UK Ministry of Defence (MoD) experienced two major data breaches in 2024, each with significant implications:
1. Payroll System Breach (May 2024)
- Details: Hackers infiltrated a third-party payroll system managed by Shared Services Connected Ltd (SSCL), exposing the personal information of approximately 270,000 current and former British military personnel. This included names, bank details, and, in some cases, addresses and National Insurance numbers.
2. Defence Gateway Portal Credentials Leak (December 2024)
- Details: Nearly 600 employee login credentials for the MoD's Defence Gateway portal were stolen and leaked on the dark web. This portal is used for internal communication, HR services, and accessing health records.
- Suspected Perpetrators: The attack was attributed to Russian hackers who exploited vulnerabilities in personal devices used by staff to access the platform.
- Risk: While no classified information was stored on the portal, intelligence sources warned that the stolen data could be used for blackmail or covert recruitment operations targeting military personnel.
Both incidents highlight ongoing challenges in securing sensitive defense-related data, particularly when relying on external contractors and personal devices.

Tip of The Iceberg
These attacks highlight the increasing sophistication and scale of cyber threats in 2024, impacting critical sectors like healthcare, telecommunications, and government infrastructure. The number of cyberattacks and data breaches reached alarming levels; here are some staggering stats from 2024:
- Cyberattacks: Organizations faced an average of 1,876 cyberattacks weekly in Q3 2024, marking a 75% increase compared to the same period in 2023 (Check Point Software Technologies). This surge indicates millions of attacks globally across the year, with industries like Education/Research, Government/Military, and Healthcare being the most targeted.
- Data Breaches: There were 10,626 confirmed data breaches in 2024, affecting hundreds of millions of individuals (Identity Theft Resource Center). This includes high-profile incidents like the National Public Data breach (2.9 billion records stolen) and breaches at major companies like AT&T and Dell.
And, a mere 6 weeks into 2025, several damaging data breaches have already occurred. Here are some of the major ones reported so far:
1. Community Health Center (CHC) Breach
- Date: January 2, 2025
- Details: Attackers had access to CHC's systems since October 2024, compromising over 1 million individuals' data, including personal, medical, and insurance information. The breach did not involve ransomware, allowing CHC to continue operations without disruption.
2. PowerSchool Data Breach
- Date Disclosed: January 2025
- Details: Hackers exfiltrated data from PowerSchool's Student Information System, affecting up to 62 million students and 9.5 million teachers. Compromised data included PII, Social Security numbers, and grades. The breach occurred through a single compromised employee password.
3. ENGlobal Corporation Ransomware Attack
- Date: January 29, 2025
- Details: A ransomware attack disrupted operations at this energy and government contractor for six weeks, with sensitive personal and financial data exposed.
4. New York Blood Center (NYBC) Ransomware Attack
- Date: January 30, 2025
- Details: A ransomware attack forced NYBC to reschedule appointments and disrupted its blood donation services during a regional blood supply crisis.
5. Otelier Hotel Data Breach
- Date Disclosed: January 20, 2025
- Details: Attackers stole credentials via infostealer malware and exfiltrated 7.8 TB of sensitive customer data from major hotel chains like Marriott and Hilton. Hundreds of thousands of email addresses were exposed.
6. Phemex Cryptocurrency Exchange Hack
- Date: January 23, 2025
- Details: Hackers stole $85 million worth of cryptocurrency from Phemex's hot wallets. The platform suspended deposits and withdrawals following the breach.
7. Telefonica Ticketing System Breach
- Date Disclosed: January 10, 2025
- Details: The Hellcat ransomware group used infostealer malware to access Telefonica’s internal ticketing system, exposing customer data and internal files.
8. UK Domain Registry Nominet Breach
- Date Disclosed: January 12, 2025
- Details: Nominet was breached using an Ivanti VPN zero-day vulnerability (CVE-2025-0282), compromising its network.
Emerging Threats to Watch Out for in 2025
The 2025 attacks listed above are only a handful of the many incidents that have taken place so far this year. Looking ahead, organizations need to stay alert and prioritize their defences against evolving threats. Several emerging threats demand attention and actionable measures going forward.
AI-Powered Attacks
The rise of artificial intelligence is changing the nature of cybercrime. Cybercriminals are now using AI to create more sophisticated attacks, automating vulnerability scanning and identifying weaknesses at unprecedented speeds. This could potentially increase the success rate of breaches.
IoT Vulnerabilities
The Internet of Things (IoT) is expanding rapidly, but many devices still lack adequate security features. As more devices connect online, there is a significant risk of exploitation. For example, poorly secured smart home devices can be gateways for hackers to access larger networks, potentially leading to substantial data breaches.
Deepfake Technology
Deepfake technology is becoming a notable concern, particularly in social engineering attacks. Cybercriminals can use deepfakes to impersonate individuals, facilitating unauthorized access and identity theft.
Cyber Insurance Challenges
As cyber attacks get more complicated, current insurance policies might not cover every type of breach, which could lead to higher premiums for companies. This changing situation is making businesses rethink their insurance plans to make sure they're properly covered against possible threats.
Quantum Computing Risks
As quantum computing technology matures, it poses serious risks for cybersecurity. Current cryptographic algorithms may soon be rendered ineffective, putting sensitive data at risk and complicating how organizations protect their information.
Protection Is Key
If you are affected by a data breach and want to protect yourself from identity theft, here are key steps you can take:
Immediate Actions
Monitor Your Credit Reports
- Check your credit reports for suspicious activity, such as unauthorized accounts or inquiries. You can request free credit reports from the three major bureaus (Equifax, Experian, TransUnion) annually or use ongoing credit monitoring services.
Place a Fraud Alert or Credit Freeze
- A fraud alert notifies creditors to verify your identity before opening new accounts. A credit freeze restricts access to your credit file, preventing new accounts from being opened without your permission.
Report Suspicious Activity
- Notify your bank or financial institutions of any fraudulent transactions and close compromised accounts. In the US, file a report with the Federal Trade Commission (FTC) at identitytheft.gov and with your local police department. In Canada, immediately contact the Canadian Anti-Fraud Centre and the Canada Revenue Agency (CRA), and make a report with the RCMP if the incident involved a scam or fraud. Here are some important links from the Canadian Centre for Cyber Security for tips on how to stay safe, current threats and notifications, as well as important contact information.


Preventive Measures
Use Strong, Unique Passwords
- Create complex passwords for all accounts and consider using a password manager to securely store them.
Enable Two-Factor Authentication (2FA)
- Add an extra layer of protection to your online accounts by enabling 2FA wherever possible.
Be Cautious with Personal Information
- Avoid sharing sensitive details on social media or over the phone unless you initiated the contact. Be wary of phishing scams.
Protect Your Social Security Number (SSN) / Social Insurance Number (SIN)
- Do not carry your SSN/SIN card in your wallet, and only provide your SSN/SIN when absolutely necessary.
Secure Your Devices and Network
- Use antivirus software, firewalls, and Virtual Private Networks (VPNs) to protect your devices and online activity. Regularly update software to patch vulnerabilities.
Shred Sensitive Documents
- Physically destroy documents containing personal information before disposing of them to prevent dumpster-diving thefts.
Set Up Banking Alerts
- Enable notifications for unusual transactions or login attempts on your bank accounts to detect fraud early.

Long-Term Protection
- Regularly review account statements and billing cycles for anomalies.
- Consider identity theft protection services that offer monitoring and restoration support.
- Learn about common scams to recognize and avoid them in the future. Below is a great link to stay advised on the current threats:

Taking these steps can help mitigate risks and safeguard your identity after a data breach.
Cybersecurity advice and guidance tailored to small and medium businesses:

Cybersecurity advice and guidance for large organizations:

Closing Thoughts
Staying cybersecurity aware is essential in today’s increasingly connected world as it helps individuals and organizations protect sensitive data, mitigate risks, and foster a culture of vigilance against evolving cyber threats. Cybersecurity awareness involves understanding potential risks, recognizing threats, and implementing best practices to safeguard personal and organizational assets.
Human error remains one of the most significant vulnerabilities in cybersecurity. Studies show that up to 95% of data breaches result from human mistakes, such as falling for phishing scams or mishandling sensitive information. By staying aware, individuals can act as the first line of defense against cyberattacks, reducing the likelihood of breaches caused by negligence or lack of knowledge.
Benefits for Organizations
For businesses, cybersecurity awareness is critical to protecting digital assets and maintaining operational continuity. Effective training programs empower employees to identify and mitigate threats like phishing, ransomware, and social engineering attacks. Organizations that prioritize awareness experience fewer security incidents, saving millions in potential losses. For example, the average cost of a data breach in 2024 was $4.35 million, underscoring the financial stakes involved.
Awareness also ensures compliance with industry regulations such as GDPR or HIPAA, avoiding costly penalties while safeguarding consumer trust. Furthermore, fostering a culture of cybersecurity within an organization ensures that all employees share responsibility for protecting sensitive data.
Personal Protection
On an individual level, staying cybersecurity aware helps prevent identity theft, financial fraud, and other personal risks. Simple actions like using strong passwords, enabling multi-factor authentication (MFA), recognizing phishing attempts, and keeping software updated can significantly enhance personal security. Awareness also promotes safer online behavior, reducing the chances of falling victim to scams.
Adapting to Evolving Threats
Cyber threats are constantly evolving, with attackers employing sophisticated tactics to exploit vulnerabilities. The immense growth of AI, quantum computing and other technologies is proof of this. Staying informed about emerging risks ensures readiness to counter new challenges. Understanding advanced phishing techniques or zero-day vulnerabilities, for example, enables proactive measures to mitigate risks before they escalate. Investing the time and effort to stay in a safe, proactive state is far more productive and reliable than desperately putting out fires while frantically trying to recover data after an attack on unprotected systems.
Cybersecurity awareness builds resilience by preparing individuals and organizations to respond effectively to incidents. It involves not only prevention but also understanding how to detect and recover from attacks. This proactive approach minimizes downtime and reduces the overall impact of breaches.
In an era where cyberattacks are increasingly common and costly, staying cybersecurity aware is no longer optional - it is a necessity. Awareness empowers individuals to protect themselves and enables organizations to safeguard their operations and reputation. By fostering a culture of vigilance and continuously educating oneself about emerging threats, we can collectively create a safer digital environment for everyone.
