The Weekly Breach Breakdown: H1 Data Breach Analysis – Findings and Key Takeaways

• The Identity Theft Resource Center (ITRC) released its data breach analysis for the second quarter (Q2) and first half (H1) of 2024. According to the analysis, there were 1,571 compromises and 1.07 billion victims in H1. 2024 will likely set a new record for the number of data compromises in a single year.
• A small number of data compromises with large victim counts skewed the number of individuals impacted. Also, estimated victim counts grew because of late Q2 updates to original estimates from compromises reported earlier in 2024.
• Driver’s License data was stolen in 25 percent of data breaches according to notices issued this year. This reflects a post-pandemic trend related to the increased use of Driver’s Licenses for identity verification in a wider variety of transactions.
• According to the H1 Data Breach Analysis, “Not Specified” remained the most commonly reported cause of a cyberattack listed in breach notices this year (68 percent). While the number of supply chain attacks dropped slightly year over year, the number of organizations impacted grew.
• To learn about the latest data compromises, consumers and businesses should visit the ITRC’s data breach tracking tool, notified. If you believe you are the victim of an identity crime, call or text toll-free at 888.400.5530 or live chat on our website, idtheftcenter.org.

H1 Data Breach Analysis

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for July 19, 2024. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we review the findings in our H1 Data Breach Analysis

It’s July and the halfway point in 2024. Faithful followers of this podcast know what that means: a review of publicly reported data compromises and related trends for the first six months of the year. Buckle up because there’s a lot of interesting data to cover.

Data Compromises Rise 14 Percent

The number of data compromises reported in the first half (H1) of 2024 totaled 1,571, impacting an estimated 1.07 billion victims, including individuals impacted by multiple breaches. This was a ~14 percent increase in compromises compared to the same period in 2023, a year in which we set the record for data events reported in a single year at 3,203.

Data Breach Victims Counts Skyrocket

Generally, the trends we saw in the first half of 2024 reflect the same trends from 2023. That is except for a sudden, dramatic increase in the overall estimated number of data breach victims.

A small number of data compromises with large victim counts skewed the number of individuals impacted in the H1 Data Breach Analysis. For example, credential stuffing attacks using stolen logins and passwords targeted customers of the Snowflake cloud service. While Snowflake itself was not breached, customers who use the service – companies like Ticketmaster and Advance Auto Parts – accounted for more than 900 million of the victims reported in the first half of 2024.

Why Such a Spike in Victims?

One thing to keep in mind is that these mega breaches tend to mask the overall trend of fewer individual victims of data breaches as threat actors become more precise in targeting organizations.

Estimated victim counts also grew in H1 because of late Q2 updates to original estimates from compromises reported earlier in 2024. For example:

• Prudential Financial originally notified the U.S. Securities and Exchange Commission of a breach in February that impacted an estimated 36,000 victims. Prudential later revised the victim count in June to two-point-five (2.5) million.
• Infosys McCamish System revised their estimated victim count from ~84,000 in February’s notice to six (6) million.
• However, the 1+ billion estimated total victim count does not include victims of the Change Healthcare supply chain attack which company executives predict will impact “a substantial number” of U.S. residents. According to company estimates, Change processes one-third of all U.S. patient health records.

Other Findings in the H1 Data Breach Analysis

Compromises increased in ten (10) of the 16 industries tracked by the ITRC. Attacks against Financial Services companies jumped by more than two-thirds (67 percent) year-over-year to be the most compromised industry so far in 2024. However, compromises reported by Healthcare entities decreased year-over-year by 37 percent. The decrease was enough to knock Healthcare from the most targeted industry for the first time in six years.

“Not Specified,” at 68 percent, remained the most commonly reported cause of a cyberattack listed in breach notices this year. While the number of supply chain attacks dropped slightly year over year, the number of organizations impacted grew.

Driver’s License data was stolen in 25 percent of data breaches according to notices issued this year. This reflects a post-pandemic trend related to the increased use of Driver’s Licenses for identity verification in a wider variety of transactions. For context, the number of data breaches where driver’s license data was stolen in pre-pandemic 2019 totaled 198 instances. Compare that to 636 instances in 2023 and 308 through June 30 of this year.

What Does This All Mean?

Chances are we’ll set a new record for the number of data compromises in a single year by the end of December. We’ll have one more update to these numbers in October before we publish the annual trends in January 2025. If you want to know more about the latest data compromise trends, download our H1 Data Breach Analysis at www.idtheftcenter.org/publications or click here.

Contact the ITRC

If you want to know more about how to protect your business or personal information or think you have been the victim of an identity crime, contact us. You can speak with an expert ITRC advisor on the phone, via text message, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PT). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. Be sure to check out our sister podcast, the Fraudian Slip, next week when two identity crime victims share their stories with the ITRC’s President and CEO Eva Velasquez. We will return in two weeks with another episode of the Weekly Breach Breakdown.