Let’s face it, each year, cybersecurity faces tougher challenges. In 2024, cybercriminals targeted everything from hospitals to defense agencies, delivering some of the most devastating attacks yet. Major breaches exposed millions of personal records, crippled essential services, and racked up billions in costs. These weren’t just technical failures, they had serious real-world consequences, leaving patients without care, troops at risk, and businesses scrambling to recover.
1. Lurie Children's Hospital
Cyberattacks on healthcare facilities are becoming increasingly common. Taking place in early 2024, a cyberattack forced a Children’s Hospital in Chicago to shut down its entire network, disrupting phone lines, emails, and access to medical records. Investigators later determined the attack compromised the personal data of nearly 800,000 individuals, including Social Security numbers, medical diagnoses, and prescription information.
The hospital remained open throughout the outage but faced major disruptions, including the shutdown of its MyChart patient portal, leaving many parents frustrated. It took several weeks to restore phone lines, emails, and electronic medical records, with the hospital finally declaring the threat resolved on May 20.
The Rhysida ransomware group allegedly carried out the attack, reportedly making over $3 million from selling stolen data. Lurie Children’s Hospital stated that it did not pay a ransom and worked with law enforcement to investigate the breach.
2. UK Ministry of Defense
Back in May of 2024, a major cyberattack on Britain’s Ministry of Defense (MoD) exposed the personal details of approximately 270,000 current and former armed forces members. The breach targeted a contractor-run payroll system, compromising names, bank details, and even some home addresses.
Officials believe vulnerabilities in the contractor’s payroll software may have facilitated the breach. The attack has sparked political tensions, with lawmakers demanding stronger cybersecurity measures to protect sensitive defense data.
3. AT&T
In April 2024, AT&T revealed a massive cyberattack that exposed the personal data of millions of customers.
Between April 14 and April 25, hackers accessed call and text records from May 2022 to October 2022, impacting at least 10 million Americans. While AT&T confirmed no sensitive information like Social Security numbers was stolen, the breach still raised concerns over privacy.
4. Change Healthcare
In February of 2024, Change Healthcare a major processor of U.S medical claims and subsidiary of UnitedHealth Group was targeted by a hacking group by the name of BlackCat (ALPHV). The group breached the company’s systems, stealing sensitive data and deploying ransomware that brought operations to a standstill.
The attack caused widespread disruption in healthcare services across the country, halting electronic payments and medical claims processing. Patients were left paying out-of-pocket for medications and treatments, creating chaos in an already strained system.
This was one of the most significant cyber attacks of 2024, not just for its impact on healthcare services but also for its staggering financial toll. UnitedHealth Group estimated that response efforts cost the company around $2.87 billion, in addition to over $6 billion in assistance provided to affected healthcare providers. The UnitedHealth CEO Andrew Witty confirmed that the company had also paid a $22 million ransom.
5. ADT Alarm
ADT fell victim to a cyberattack when an intruder gained access to its systems using compromised credentials from a third party. The breach caused significant disruptions to the company’s internal systems, though details on how and when the intrusion occurred remain under wraps. This is the second cyberattack ADT has faced in just two months, following a similar incident in August that exposed sensitive customer order information.
In this latest attack, the hacker accessed encrypted internal data, mainly related to employee accounts. Thankfully, ADT confirmed that no customer personal information or security systems were compromised. The company quickly responded, containing the breach, alerting the third party involved, and rolling out countermeasures to protect its operations.
6. TfL (Transport for London)
This past September, a cyber attack on Transport for London (TfL) caused major disruptions, hitting differently-abled passengers who relied on Dial-A-Ride the hardest. At first, TfL believed no data had been stolen, but further investigation revealed that hackers had accessed the personal details of around 5,000 customers, including home addresses and banking information.
Fearing a ransomware attack, TfL’s IT team quickly locked down systems to limit the damage, but this led to major service disruptions and heavy financial losses. The attack ended up costing TfL £30 million, with £5 million spent in just three months on recovery and boosting cybersecurity defenses. A 17-year-old was identified as the hacker and later released on bail.
7. Texas Tech University
Between September 17 and September 29, 2024 attackers gained unauthorized access to Texas Tech University’s Health Sciences Centers, including the Health Sciences Center in El Paso. The breach caused a temporary disruption of critical computer systems and applications, as the intruders accessed or removed various files and folders across the university’s network. This access exposed a wide range of sensitive information, affecting over 1.4 million individuals.
The data varied but included personal details such as names, dates of birth, addresses, and Social Security numbers, along with more sensitive information like driver’s license numbers, financial account data, and health records. In response to the breach, Texas Tech University immediately launched an investigation, securing its infrastructure and reviewing the affected systems in detail to identify what information had been exposed and who it belonged to.
A Wake Up Call
The need for stronger security has never been clearer. These breaches are a wake-up call—no system is untouchable, and the cost of being unprepared is steep. Companies and institutions must step up their defenses before the next attack makes headlines.
Interested in a cybersecurity consultation or want to assess the strength of your systems? Contact CATS Technology. Our team can help identify vulnerabilities and ensure your business is equipped with the right protections against cyber threats.
