Image
December 31, 2024

Major Data Breaches & Hacking News in December 2024

December 31, 2024
As the holiday season brings festivities with family and friends, it’s easy to forget that cybercriminals are still working around the clock — and millions of people have fallen victim to cyberattacks. Recently, companies like AnnieMac Home Mortgage; Maxar Space Systems; The Real World; OnePoint Patient Care; and Keesal, Young, & Logan have experienced significant data breaches compromising user data, with the FBI also reporting an increase in hacking at police departments across the country. Read on to learn more about each incident:
Icon
U.S. Police Departments

Breach Size: Unknown

Data Exposed: The Federal Bureau of Investigation (FBI) shared that there has been a recent increase in cybercriminals using hacked police email accounts to send emergency data requests (EDR) and unauthorized subpoenas to American technology companies. Cybercriminals sell fake EDR services in online hacking forums, some bad actors claiming to have access to government emails from as many as 25 countries. The FBI estimates compliance with these fake EDRs is high, as it can be difficult for companies to determine if the requests are legitimate. The FBI has warned that police departments and world governments should increase security measures surrounding their email systems to prevent further incidents. 

Icon
AnnieMac Home Mortgage  

Organization Description: The American Neighborhood Mortgage Acceptance Company, doing business as AnnieMac Home Mortgage, is a national provider of mortgage loans.

Breach Size: 171,000 people

Data Exposed: In mid-November, AnnieMac Home Mortgage shared that an unauthorized third party accessed certain systems in its network during August of this year. The company shared that over 171,000 customers may have had their sensitive information compromised, including names and Social Security numbers. AnnieMac is investigating the incident.

Icon
Maxar Space Systems

Organization Description: Maxar Space Systems is a Colorado-based provider of aerospace technologies, including satellites.

Breach Size: Unknown

Data Exposed: Maxar Space Systems announced that a cybercriminal had access to sensitive employee information in a data breach this October. Compromised information likely includes names, addresses, Social Security numbers, employee numbers, business contact information, and more private and personally identifiable information. Maxar has taken action to halt the hacker’s access. If you were employed by Maxar, be vigilant by checking your financial statements and enroll in an identity theft protection service like IDSeal.

Icon
The Real World

Organization Description: The Real World, formerly known as Hustler’s University, is a subscription-based online university run by internet personality Andrew Tate.

Breach Size: 800,000 people

Data Exposed: The Real World recently suffered a cyberattack that exposed the personal information of hundreds of thousands of users. A group of anonymous “hacktivists” infiltrated the platform’s database and chat servers as an act of digital activism. Nearly 800,000 usernames were revealed, in addition to 324,000 email addresses and messages from hundreds of servers.

Icon
OnePoint Patient Care

Organization Description: OnePoint Patient Care is an Arizona-based dispensing pharmacy for the hospice industry.

Breach Size: 1.7 million records

Data Exposed: Last month, it was revealed that a data breach at OnePoint Patient Care during the summer affected 1.7 million people, more than twice the number initially reported. Responsibility for the breach was claimed by ransomware group Inc. Ransom. The group published the stolen information on its data leak site for download, including names, residence information, diagnoses, medical record numbers, prescription information, and some Social Security numbers. OnePoint has notified impacted individuals and is investigating the breach.

Icon
Keesal, Young & Logan

Organization Description: Keesal, Young, & Logan (KYL) is an international law firm specializing in securities and commodities law.

Breach Size: 316,000 people

Data Exposed: KYL has announced it suffered a data breach after suspicious activity was detected in its network this past June. The personal information of up to 316,000 people may have been compromised, including names, driver’s license numbers, Social Security numbers, financial account numbers, and individual taxpayer identification numbers. KYL is investigating the breach with class action law firm Edelson Lechtzin LLP.

Hacking & Phishing News
Watering Hole Attacks

In a watering hole attack, cybercriminals target a website frequently visited by a specific group or organization, injecting malicious code into the site. When unsuspecting users visit the site, their devices are infected, potentially exposing sensitive information or granting access to broader networks. Protecting against this tactic requires updated antivirus software and caution when accessing unfamiliar or unsecured websites, especially during peak holiday shopping when deals may lure users to compromised sites.

Cookie Theft

Also known as “session hijacking,” cookie theft occurs when hackers steal the small data files (cookies) stored on a user’s browser to impersonate them online. These cookies can contain login credentials or session data for websites they visit, including email accounts, shopping platforms, and financial services. Cybercriminals use various methods, like intercepting unsecured Wi-Fi connections or deploying malware, to access these cookies and gain unauthorized entry to the victim’s accounts. To prevent cookie theft, always log out of sensitive accounts after use, clear your cookies regularly, and avoid entering personal information on public Wi-Fi networks without a VPN.

GET PROTECTED

The surge of holiday cyberattacks highlights the ongoing vulnerabilities individuals and organizations face in protecting sensitive information. Cybercriminals are more creative and persistent than ever, making it essential to stay vigilant. Simple steps like updating your antivirus software and steering clear of suspicious links or attachments can significantly reduce your risk of identity theft. By pairing these practices with a robust identity protection service like IDSeal, which offers comprehensive monitoring, real-time alerts, and 24/7 support, you can enjoy a worry-free start to the new year. Let IDSeal be your safeguard, giving you the peace of mind to focus on what truly matters this time of year.

Related Articles
Featured image for “Major Data Breaches & Hacking News in June 2024”

Major Data Breaches & Hacking News in June 2024

June 27, 2024While many people across North America were celebrating the end of school, Father’s Day and the beginning of summer this June, identity thieves were celebrating major wins in data breaches. Companies such as Live Nation, Christie’s, Truist Bank, KeyTronic, Panera Bread, and Frontier have all faced significant security…
Featured image for “IDSeal® allows you to independently manage your identity”

IDSeal® allows you to independently manage your identity

As we celebrate Independence Day this month, it’s a perfect time to reflect on the true essence of independence. Just as our nation values freedom and self-governance, it’s equally important to adopt a mindset of personal responsibility in our everyday lives. One critical area where this mindset is essential is…

Start protecting your identity today! Signing up is quick & easy

Remember, 1-in-4 Americans are the victim of identity theft. It's not a matter

of if you'll become a victim, it's when...

Get Protected