Data breaches have become quite common in 2024. In the first half of the year alone, we’ve seen some of the biggest ones yet, including cyberattacks on Ticketmaster, Advance Auto Parts, and Dell. To put it in perspective, the number of data breach victims in the second quarter of 2024 was 1,170% higher than at the same time last year. This means more people had their personal data stolen, which could be sold to data brokers or misused by hackers to steal money. I discuss the rise in data breach victims in more detail below, along with some tips and tricks to protect yourself from being impacted.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Data breaches are on the rise
The Identity Theft Resource Center (ITRC), a well-known nonprofit that helps victims of identity crime, has shared its data breach findings for the second quarter (Q2) and the first half (H1) of 2024. The ITRC recorded 1,041,312,601 data breach victims in Q2 2024, a huge jump of 1,170 percent from Q2 2023, which had 81,958,874 victims.
Most of the rise in breach numbers is due to a few very large compromises. The ITRC points to Prudential, which affected 2.5 million people, and Infosys McCamish Systems, which impacted 6 million people, as major contributors. Both breaches were announced or updated in the second quarter of 2024, significantly boosting the overall numbers.
In Q2, there were 732 publicly reported data breaches, a 12 percent drop from the previous quarter’s 838 breaches. For the first half of the year, the ITRC tracked 1,571 breaches, which is about 14 percent higher than H1 2023. Last year ended with a record 3,203 breaches.
The ITRC revealed that nearly 90% of compromises in the first half of 2024 stemmed from data breaches. The financial services sector experienced the highest number of breaches, followed by healthcare. The largest breaches in terms of the number of victims were Ticketmaster, affecting 560 million customers, Advance Auto Parts with 380 million victims, and Dell, impacting 49 million users.
MASSIVE FREE VPN DATA BREACH EXPOSES 360 MILLION RECORDS
Hackers are also looking for your IDs
One trend the ITRC has noticed is the increasing value and use of stolen driver’s license information. In the first half of 2024, driver’s license data was taken in 25 percent of data breaches.
This rise shows a trend where driver’s licenses are being used more for identity verification, increasing the value of the stolen data for hackers. In pre-pandemic 2019, there were 198 breaches involving stolen driver’s license data, compared to 636 in 2023 and 308 through June 30, 2024.
HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS
How to protect yourself from data breaches?
When you sign up for a service, whether it’s a social media platform or a healthcare provider, it’s the company’s responsibility to protect your data. If your data gets leaked, it’s almost never your fault. So, many of the preventive measures below are for when you’re impacted by a data breach.
1) Change your passwords
If a data breach has leaked your passwords, change it immediately. Hackers could use your password to access your online accounts and steal your data or money. ON ANOTHER DEVICE (i.e., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, social media, etc.
You want to do this on another device so the hacker isn’t recording you setting up your new password on your hacked device. And you should also use strong and unique passwords that are hard to guess or crack. You can also use a password manager to generate and store your passwords securely. Changing passwords should be a part of your general cybersecurity hygiene, even if you’re not affected by a data breach.
2) Enable two-factor authentication
Activate two-factor authentication (2FA) for an extra layer of security on all your important accounts, including email, banking, and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.
3) Monitor your accounts and transactions
If you have been affected by a data breach, check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, immediately report it to the service provider or authorities. You should also review your credit reports and scores to see if there are any signs of identity theft or fraud.
4) Contact your bank and credit card companies
If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should inform your bank and credit card companies of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges, and issue new cards for you.
5) Use personal data removal services
Consider investing in personal data removal services that specialize in continuously monitoring and removing your personal information from various online databases and websites. I mentioned above that hackers are also stealing your IDs to validate the data. These IDs can be misused in more ways than you can imagine, including impersonation.
A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
Special for CyberGuy Readers (60% off): Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $5.99/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 175+ data brokers. You can add up to 3 emails, 3 home addresses and 3 phone numbers (U.S. citizens only) and have them removed from data-broker databases. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.
Get Incogni for your family (up to 4 people) here
6) Sign up for identity theft protection
If you’re certain that your personal information has been leaked in a data breach, sign up for an identity theft protection service. It can monitor personal information like your home title, Social Security Number (SSN), phone number, and email address and alert you if it is being used to open an account. These services can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
My top recommendation is Identity Guard. One of the best parts of using Identity Guard is that they might include identity theft insurance of up to 1 million dollars to cover losses and legal fees and a white glove fraud resolution team where a US-based case manager helps you recover any losses.
CyberGuy’s Exclusive Offer: Get the Identity Guard Ultra protection to protect your identity and credit for as little as $9.99/mo (lowest offered anywhere) for the first year.
See my tips and best picks on how to protect yourself from identity theft.
7) Alert your contacts
If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.
8) Have strong antivirus software
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
WORLD’S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM
Kurt’s key takeaway
Data breaches are becoming increasingly common, making it essential to protect yourself. While companies are responsible for safeguarding your information, taking steps like changing passwords and monitoring your accounts can significantly reduce potential damage if your data is compromised. Staying alert and proactive is crucial in today’s digital world to keep your personal information secure.
Do you think companies should be held liable and face legal punishment when they compromise your personal data? Let us know in the comments below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
7 comments
Hello Kurt I am getting many unusual emails from people like Stephen Hill that I do not know. The subject like stated invoice for your order and the body of email is empty or a one liner here is your purchase receipt. Then a pdf. I NEVEr open the pdf. However I want to know if I Block the sender or delete the email could I have any malware install by those actions?
It’s great that you’re cautious about not opening suspicious attachments. Blocking or deleting these emails should not install any malware on your device. Here are some key points to consider.
– Blocking the Sender: This prevents future emails from that sender from reaching your inbox. It doesn’t interact with the email content, so it’s safe to do1.
– Deleting the Email: Simply deleting the email also doesn’t interact with its content, so it’s safe as well.
However, it’s important to never click on any links or open attachments in these emails, as that’s where the risk lies (on that note, be sure to always have your antivirus software actively running in the background). If you continue to receive such emails, you might want to report them as spam to your email provider to help improve their spam filters.
Yes companies should be liable and face legal punishment when our data is compromised, up to and including jail time for their CEO’s.
I’m shocked they aren’t held completely liable. Class Action suits against them reward you with free identity monitoring for a year or two and they are off the hook. YES! Hold them legally responsible, fire the top execs and invest in the best tech services and staff so it will never happen again….and prosecute with sentencing in prison! Let’s face it…our own government isn’t even on top of technology. I say learn to “police it before you release it!” Not “gonna” happen!
All companies should be liable. Perhaps liability insurance should be required of companies that have personal data,, that covers all costs of injured customers.
Companies that collect our personal information and profit by selling the information to others MUST be held responsible for consequential damages resulting from their cavalier and casual approach to data security. Their negligence places the hardship(s) of mitigating these damages on us whose information has been consolidated, harvested, sold, then compromised. This is unacceptable and most responses are weak and callous at best. Legal action should ensue.
I have a great idea the CEO has to pay for lifetime ID protection for the victims even if they leave the company or retire! It is their job to oversee the actions going on in the company. Also I think at times these security breaches are being done by fired employees, employees let go or quit. They should be the first suspects. Maybe they know where the security is weak on the website.