In 2024, a wave of cyberattacks targeting prominent brands underscored the vulnerabilities inherent in organizations, regardless of their size or industry. By the close of the second quarter, the United States witnessed an alarming 1,000% rise in data breach victims, drawing attention to the urgency for enhanced cybersecurity measures across the board.
High-profile cases of security breaches included major companies such as Home Depot, Disney, AT&T, Verizon, Ticketmaster, Shell, and Prudential Insurance, each facing significant compromises of sensitive data. These incidents not only exposed personal information of employees and customers but also revealed critical lessons about the evolving landscape of cyber threats and the shortcomings of current security protocols.
Home Depot experienced a considerable data breach in April when a threat actor on a dark web forum claimed to have obtained information from approximately 10,000 employees. The breach was traced back to an attack on one of Home Depot’s third-party service providers, illustrating the risk posed by supply chain vulnerabilities. This scenario aligns with the MITRE ATT&CK tactic of initial access through third-party relationships.
Disney’s internal communication platform, Slack, was similarly compromised, resulting in a leak of personal information for employees and customers of Disneyland and Disney Cruise. Hackers reportedly accessed around one terabyte of data, including millions of messages and thousands of documents. The breach is suspected to have involved social engineering methods, reflecting techniques associated with the MITRE ATT&CK framework, particularly those targeting human behavior to initiate unauthorized access.
In another significant case, AT&T, Verizon, and Lumen Technologies fell prey to an attack attributed to China-backed threat actors. The hackers reportedly lingered within these networks for months, tapping into systems utilized for wiretaps and internet traffic collection. This incident illustrates the MITRE ATT&CK tactic of persistence, where adversaries maintain long-term access to systems through undetected methods; vulnerable routers may have been exploited as the entry point.
Ticketmaster also faced severe repercussions from a cyberattack that resulted in the loss of approximately 1.3TB of data, including over 560 million customer records. According to reports, hackers gained access through Winter, a cloud storage provider, by using stolen login credentials, a technique the MITRE ATT&CK framework classifies as a form of credential compromise.
Shell’s data breach involved an attacker revealing access to its customer database, containing sensitive records such as names and login credentials. The incident stemmed from a third-party vendor that provided shopping services, indicating a need for increased scrutiny of third-party relationships to safeguard organizational data.
Prudential Insurance disclosed in early 2024 that a breach had compromised the personal information of 2.5 million customers. The breach was traced to a compromised employee account—a reminder of the importance of employee training to identify potential phishing and social engineering attempts. This incident highlights the MITRE ATT&CK techniques associated with initial access and goal-oriented credential theft.
These incidents collectively demonstrate that current cybersecurity measures are failing to protect organizations adequately. With estimated losses reaching $30 billion annually due to cybercrime, it is evident that threat actors are increasingly targeting not just systems, but also the individuals and processes that underpin operational security. To mitigate risks, organizations must adopt a proactive approach to cybersecurity. This includes rigorous employee training, continuous vulnerability assessments, and enhanced collaboration with third-party suppliers to address identified security gaps.
As the cybersecurity landscape continues to evolve, understanding the tactics employed by adversaries is essential for business owners. By focusing on prevention strategies that encompass people, processes, and technology, organizations can fortify their defenses against the ever-present threat of cyberattacks.