This year has been disastrous for data breaches, affecting a wide range of businesses from banks to car dealerships. It’s hard to believe anyone in the U.S. has avoided exposure. Below are some businesses that may have compromised your data:

National Public Data breach: 2.9 billion individuals affected

It’s troubling to think a background-check organization suffered a data breach. National Public Data is supposed to safeguard and analyze sensitive data, yet a lawsuit suggests their negligence led to the exposure of 2.9 billion individuals’ information, including Social Security numbers, names, and addresses. The hacking group ASDoD has reportedly listed the stolen data for sale at $3.5 million, with no information on any ransom payment made.

National Public Data collects personal information from “nonpublic sources” using scraping methods, which means it gathers data that individuals didn’t voluntarily provide.

Depending on the outcome of the court proceedings, National Public Data may be forced to delete the sensitive information of those impacted and to implement encryption for all data moving forward.

Ascension ransomware attack: Involving up to 140 hospitals

In May, an employee at Ascension, a major healthcare network, accidentally downloaded malware, triggering a wave of cyberattacks.

Ascension operates 140 hospitals across 19 states and Washington, D.C. On May 8, they detected abnormal network activity, leading to significant disruptions, including the need to close emergency rooms and redirect patients.

The hackers accessed seven out of Ascension’s 25,000 servers, and the extent of those affected is still being determined. While Ascension has reported that approximately 500 individuals were impacted, it’s likely the final number is much larger.

CDK global breach: Impacting 15,000 dealerships

In June, CDK, a leading software provider for car dealerships, faced a double-edged attack. Their systems were taken offline following successive cyberattacks on June 18 and 19. Speculations suggest that the ransom demanded could be in the tens of millions of dollars.

This shutdown severely interrupted dealership activities, with one Lexus dealership in New Jersey reporting a 50% drop in new car sales during June.

Change Healthcare attacks

Change Healthcare, owned by UnitedHealth, is utilized by numerous pharmacies, hospitals, and healthcare facilities for processing payments and claims.

In late February, an attack led to extensive disruptions throughout the U.S. healthcare system for weeks. UnitedHealth ultimately paid $22 million to the Russian hacking group BlackCat to prevent them from leaking stolen data.

Subsequently, another group known as RansomHub claimed they also stole data. In April, UnitedHealth revealed that a significant amount of American data was at risk, with estimates indicating that up to a third of all Americans may have been affected. This includes sensitive medical information such as test results, diagnoses, and images.

AT&T breach: 73 million accounts compromised

In March, AT&T revealed that hackers accessed information from “almost all” its current and former clients. This data extends back to 2019 and contains highly sensitive details, including Social Security numbers. The company reportedly paid $370,000 to the hackers in exchange for deleting the compromised information.

Other notable breaches

◾ Advance Auto Parts (July): Personal data of over 2.3 million individuals was compromised.
◾ Roku (April): Hackers accessed around 591,000 accounts using stolen credentials from other breaches; no financial data was involved.
◾ Truist Bank (June): The hacking group Sp1d3r stole information from 65,000 employees and publicly listed it for sale.
◾ Tile (June): Life360, the company behind the Tile trackers, reported a breach affecting names, addresses, emails, phone numbers, and device IDs.

◾ Ticketmaster (June): This breach affected 560 million customers, exposing names, addresses, phone numbers, emails, order histories, and partial payment details.
◾ Dropbox (May): Attackers infiltrated Dropbox Sign’s development area, putting customer information at risk.
◾ TeamViewer (July): Employee directory data, such as names and encrypted passwords, was compromised.

Stay Secure

While preventing a hack on a large organization might be impossible, you can still take measures to minimize the impact on yourself.

Contact your healthcare provider and insurance company as soon as possible. This usually indicates that someone may be misusing your benefits for their own medical care.