- Prudential Financial originally notified the U.S. Securities and Exchange Commission of a breach in February 2024 that impacted an estimated 36,000 victims. Prudential later revised the victim count in June 2024 to two-point-five (2.5) million.
- Infosys McCamish System revised their estimated victim count from ~84,000 in February’s notice to six (6) million.
- Credential stuffing attacks that targeted customers of the Snowflake cloud service accounted for more than 900 million of the victims reported in Q2.
- However, the 1+ billion estimated total H1 victim count does not include victims of the Change Healthcare supply chain attack which company executives predict will impact “a substantial number” of U.S. residents.
Download the ITRC’s H1 2024 Data Breach Report & Analysis
“The findings in the H1 2024 Data Breach Analysis are eye-opening for many different reasons,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “The estimated victim count is up significantly, primarily due to a small number of very large data events skewing the numbers. What is clear, though, is the fact the trends we saw emerge in 2023 that led to a record-breaking year in compromises are continuing into 2024. In some cases, such as the number of organizations impacted by supply chain attacks and the number of entities that did not list the root cause of a breach, the trends accelerated through the first half of the year. The takeaway from this report is simple: Every person, business, institution and government agency must view data and identity protection with a greater sense of urgency.”
Other findings in the H1 2024 Data Breach Report & Analysis include:
- “Not Specified” remained the most reported cause of a cyberattack listed in breach notices issued in H1 2024 (68 percent).
- Attacks against Financial Services companies jumped 67 percent year-over-year, making it the most compromised industry in H1 2024, followed by Healthcare companies. Reported compromises increased in ten (10) of the 16 industries tracked by the ITRC. However, compromises reported by Healthcare entities decreased year-over-year by 37 percent. The decrease knocked Healthcare from the most targeted industry to the second most frequently compromised for the first time in six years.
- H1 trends reflect the increased value and use of stolen Driver’s License information. Driver’s License data was stolen in 25 percent of data breaches based on notices issued in H1 2024. The increased rate of Driver’s License data theft reflects a post-pandemic trend related to the increased use of Driver’s Licenses for identity verification in a wider variety of transactions. The number of data breaches where driver’s license data was stolen totaled 198 instances in pre-pandemic, full-year 2019 compared to 636 in full-year 2023 and 308 through June 30, 2024.
To view our 2023 Annual Data Breach Report or Q1 2024 Data Breach Analysis, click here. Anyone can receive free support and guidance from a knowledgeable live advisor by calling or texting 888.400.5530 or visiting idtheftcenter.org to live chat.
About the Identity Theft Resource Center
Founded in 1999, the Identity Theft Resource Center® (ITRC) is a national nonprofit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live chat, idtheftcenter.org, and toll-free phone number 888.400.5530. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified. The ITRC offers help to specific populations, including the deaf/hard of hearing and blind/low vision communities.
Media Contact
Identity Theft Resource Center
Alex Achten
Director of Communications & Media Relations
888.400.5530 Ext. 3611
[email protected]
SOURCE Identity Theft Resource Center
