Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Identity Theft Resource Center Sees Third-Most Data Breach Victims in a Quarter in Q2 2024

Date: 07/17/2024

The ITRC tracked 1,041,312,601 data breach victims in Q2 2024, up 1,170 percent from Q2 2023 (81,958,874 victims)

SAN DIEGO, July 17, 2024 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, released its U.S. data breach findings for the second quarter (Q2) and the first half (H1) of 2024. According to the ITRC, there were 732 publicly reported data compromises in Q2, a 12 percent decrease compared to the previous Quarter (838). Through the first half of the year, the ITRC tracked 1,571 compromises, putting 2024 ~14 percent higher compared to H1 2023 which ended in a record number of compromises (3,203).

The number of data breach victims in H1 2024 (1,078,989,742) increased 490 percent compared to the first half of 2023 (182,645,409). A majority of the victims were from compromises announced or updated in Q2 (37,677,141 in Q1 vs. 1,041,312,601 in Q2). For example:

  • Prudential Financial originally notified the U.S. Securities and Exchange Commission of a breach in February 2024 that impacted an estimated 36,000 victims. Prudential later revised the victim count in June 2024 to two-point-five (2.5) million.
  • Infosys McCamish System revised their estimated victim count from ~84,000 in February’s notice to six (6) million.
  • Credential stuffing attacks that targeted customers of the Snowflake cloud service accounted for more than 900 million of the victims reported in Q2.
  • However, the 1+ billion estimated total H1 victim count does not include victims of the Change Healthcare supply chain attack which company executives predict will impact “a substantial number” of U.S. residents.

Download the ITRC’s H1 2024 Data Breach Report & Analysis

“The findings in the H1 2024 Data Breach Analysis are eye-opening for many different reasons,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “The estimated victim count is up significantly, primarily due to a small number of very large data events skewing the numbers. What is clear, though, is the fact the trends we saw emerge in 2023 that led to a record-breaking year in compromises are continuing into 2024. In some cases, such as the number of organizations impacted by supply chain attacks and the number of entities that did not list the root cause of a breach, the trends accelerated through the first half of the year. The takeaway from this report is simple: Every person, business, institution and government agency must view data and identity protection with a greater sense of urgency.”

Other findings in the H1 2024 Data Breach Report & Analysis include:

  • “Not Specified” remained the most reported cause of a cyberattack listed in breach notices issued in H1 2024 (68 percent).
  • Attacks against Financial Services companies jumped 67 percent year-over-year, making it the most compromised industry in H1 2024, followed by Healthcare companies. Reported compromises increased in ten (10) of the 16 industries tracked by the ITRC. However, compromises reported by Healthcare entities decreased year-over-year by 37 percent. The decrease knocked Healthcare from the most targeted industry to the second most frequently compromised for the first time in six years.
  • H1 trends reflect the increased value and use of stolen Driver’s License information. Driver’s License data was stolen in 25 percent of data breaches based on notices issued in H1 2024. The increased rate of Driver’s License data theft reflects a post-pandemic trend related to the increased use of Driver’s Licenses for identity verification in a wider variety of transactions. The number of data breaches where driver’s license data was stolen totaled 198 instances in pre-pandemic, full-year 2019 compared to 636 in full-year 2023 and 308 through June 30, 2024.

To view our 2023 Annual Data Breach Report or Q1 2024 Data Breach Analysis, click here. Anyone can receive free support and guidance from a knowledgeable live advisor by calling or texting 888.400.5530 or visiting www.idtheftcenter.org to live chat.

About the Identity Theft Resource Center

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a national nonprofit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live chat, idtheftcenter.org, and toll-free phone number 888.400.5530. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified. The ITRC offers help to specific populations, including the deaf/hard of hearing and blind/low vision communities.

Media Contact

Identity Theft Resource Center
Alex Achten
Director of Communications & Media Relations
888.400.5530 Ext. 3611
[email protected]

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.