The final weeks of 2024 saw multiple data breaches occurring or coming to light that impacted organizations across diverse sectors. From healthcare to donut makers, these incidents exposed sensitive data and highlighted the growing risks to cybersecurity and online privacy. Read on for the low-down.

• Datavant Breach Exposes 11,000 Children
• The Real World, Andrew Tate’s Online University Hacked
• LastPass Breach: An ongoing Threat
• ZAGG Customers Have Credit Data Exposed After Breach
• Krispy Kreme Targeted by PlayCrypt Ransomware Group
• Salt Typhoon Hacker Group

Datavant Breach Exposes 11,000 Children

Datavant, a health IT company, suffered a phishing attack in May 2024 that exposed the sensitive data of over 11,000 individuals, mostly minors. The breach occurred through a compromised email account, revealing names, addresses, Social Security numbers, health records, and more. This data could enable identity theft, medical fraud, and targeted phishing attacks.

While Datavant’s core systems were unaffected, the company has enhanced its security measures and implemented phishing awareness training. Affected individuals will receive two years of free identity monitoring. This incident highlights the risks of phishing attacks, especially for organizations handling vast amounts of sensitive data.

The Real World, Andrew Tate’s Online University Hacked

Hacktivists have Andrew Tate’s online mentoring platform, The Real World, stealing data from 800,000 users, including 325,000 email addresses and chat logs from over 600 servers. The attack exploited a platform vulnerability, allowing hackers to disrupt chatrooms and ban users. The hacktivists described the platform’s security as “hilariously insecure” and cited hacktivism as their motive.

The Real World, a rebranded version of Hustler’s University, offers mentoring on topics like e-commerce, freelancing, and AI for $49.99 a month. While Andrew Tate, currently under house arrest in Romania, has not addressed the breach, affected users are urged to change their passwords, monitor their data, and stay vigilant for scams. The breach highlights the risks of poor cybersecurity in platforms handling sensitive user information.

LastPass Breach: An ongoing Threat

LastPass, once a trusted name in password management, has faced ongoing fallout from its 2022 security breaches, where source code, API tokens, MFA seeds, and keys were stolen. These hacks have led to a series of cryptocurrency thefts targeting LastPass users, with hackers draining significant funds over time. In October 2023, $4.7 million in cryptocurrency was stolen, followed by $6.4 million in February 2024, and most recently, $5.36 million from over 40 crypto wallets.

LastPass denies conclusive links between its breaches and these thefts, though the stolen data continues to enable such attacks. Experts emphasize the importance of hardware wallets over digital wallets or exchanges for storing crypto, as victims of crypto theft have little recourse. Despite the company’s reassurances and investigations, the incidents have significantly tarnished its reputation as a secure password manager.

Protect Yourself with Trend Micro ScamCheck

Data breaches and the leaking of users’ personal info to the dark web always leads to an increase in phishing scams. Introducing Trend Micro ScamCheck! Available for both Android and iOS, ScamCheck offers comprehensive protection from the latest deception:

• Scam Check: Instantly analyze emails, texts, URLs, screenshots, and phone numbers with our AI-powered scam detection technology. Stay secure and scam-free.
• SMS Filter & Call Block: Say goodbye to unwanted spam and scam calls and messages. Minimize daily disruptions and reinforce your defenses against phishing.
• Deepfake Scan: Detect deepfakes in real-time during video calls, alerting you if anyone is using AI face-swapping technology to alter their appearance.
• Web Guard: Surf the web safely, protected from malicious websites and annoying ads.

To download Trend Micro ScamCheck or to learn more, click the button below.

ZAGG Customers Have Credit Data Exposed After Breach

ZAGG Inc., a maker of consumer electronics accessories, disclosed a data breach that exposed customers’ credit card details. The incident occurred between October 26 and November 7, 2024, when attackers compromised the FreshClicks app, a third-party tool offered through BigCommerce’s app marketplace. Hackers injected malicious code into the app, allowing them to scrape payment card data entered during checkout on ZAGG’s website. Stolen information includes names, addresses, and payment card details.

BigCommerce, the e-commerce platform provider, emphasized that its own systems were not breached and took swift action by uninstalling the compromised FreshClicks app from all affected stores. In response, ZAGG notified law enforcement, implemented security measures, and offered impacted customers 12 months of free credit monitoring via Experian.

Krispy Kreme Targeted by PlayCrypt Ransomware Group

On December 11, 2024, Krispy Kreme disclosed a data breach that disrupted its U.S. operations. Days later, the Play Ransomware group, also known as PlayCrypt, claimed responsibility, threatening to release sensitive internal company data, including IDs, client documents, payroll, financial records, and tax-related information. The group announced the breach on its dark web site on December 19, warning that the data would be leaked within two days unless their demands were met. Krispy Kreme has not confirmed if data theft occurred or its scope.

The Play Ransomware group, active since June 2022, is notorious for its double-extortion tactics—stealing data before encrypting systems to pressure victims into paying ransoms. The group has targeted businesses, governments, and critical infrastructure globally, recently collaborating with North Korean state-backed hackers.

Salt Typhoon Hacker Group

AT&T and Verizon have confirmed they were targeted in a large-scale Chinese cyber-espionage campaign led by the Salt Typhoon group, which has a history of infiltrating telecoms and government entities worldwide. Both companies reported that the hackers have been removed from their networks, with Verizon stating that the breach had been contained and AT&T acknowledging limited data collection attempts involving foreign intelligence information. T-Mobile also disclosed a separate breach in November 2024 but did not attribute it to Salt Typhoon, emphasizing that no sensitive customer data was accessed.

This campaign has impacted nine U.S. telecom carriers and others in dozens of countries. In response, the U.S. government is considering banning China Telecom’s remaining operations and investigating TP-Link routers for potential national security risks. Additionally, lawmakers and regulators are pushing for stronger cybersecurity measures to protect U.S. telecom infrastructure. The Salt Typhoon group, active since 2019, remains a significant threat, especially in targeting critical sectors across Southeast Asia and beyond.

Safeguard Your Identity

Trend Micro is here to have your back as 2024 ends. We would encourage readers to head over to our new ID Protection portal, which has been designed to meet the security and privacy threats we now all face. With ID Protection, you can:

• Safeguard your social media accounts against hackers
• Receive alerts if your personal info gets leaked
• Protect against online threats, such as phishing scams
• Stop sites from collecting privacy-compromising data
• Create, store, and manage strong, tough-to-hack passwords.

What’s even better is that you can enjoy a 7-day free trial of ID Protection‘s paid version, so that you can take advantage of all its awesome features and start securing your identity and privacy today! Why not give it a go today?