Like in previous years, there was a series of significant data breaches in 2024 that underscored the ongoing vulnerabilities in digital systems worldwide. From corporate databases to governmental entities, these breaches highlight the wide-ranging implications of exposed data.
The Data Breaches That Defined 2024
“Mother of All Breaches” aka MOAB – Dumped Billions of Records
(26 billion records)
In January 2024, an unsecured Elasticsearch cluster containing aggregated breach data was discovered, earning the name “Mother of All Breaches” (MOAB). This massive dataset exposed email addresses, phone numbers, usernames, passwords, and other sensitive details across multiple domains, including qq.com and zeeroq.com. The public exposure of such vast datasets underscores the urgent need for stronger database security and access controls to prevent similar large-scale leaks.
National Public Data – Sensitive Info Goes Fully Public
(2.7 billion records)
In April 2024, a massive data breach exposed personally identifiable information (PII) of individuals, including phone numbers, full names, Social Security Numbers (SSNs), physical addresses, birth dates, and additional personal details. This data has been widely shared on the internet, emphasizing the importance of safeguarding sensitive information.
What This Breach Tells Us About the Future of Cybersecurity
The volume of the PII exposure in this breach highlights the growing risks of large-scale cyber incidents. Among this recaptured data were 272 million full and distinct Social Security numbers – some of the most sensitive identity data out there – that accounts for roughly 80% of the US population. With this data now widely shared online, traditional security methods like password resets and perimeter defenses are no longer sufficient to protect individuals and businesses from identity-based threats.
Cybercriminals are leveraging stolen identity data for sophisticated fraud, account takeovers, and phishing attacks at alarming rates. These evolving and on-going threats make it clear that security teams continue to have gaps in what exposures they may be privy to and how to best protect their organizations from these exposures. To combat this threat, teams need a more holistic approach to correlating and understanding the stolen data circulating about their users. Where traditional security measures fall short in only giving visibility into the corporate assets that have been exposed, a holistic identity threat protection approach gives defenders insights into the stolen data of their users – past and present, corporate and personal – to comprehensively assess the risks to their organization and implement automated remediation of this stolen data to stop cyberattacks.
As cyber threats evolve, organizations must shift from reactive responses to proactive strategies that disrupt attacks before they cause harm. The future of cybersecurity depends on embracing this adaptive, intelligence-driven approach to safeguard identities and critical assets.
PUREINCUBATION – B2B Nightmare
(132.7 million records)
On an unspecified date, a breach involving PUREINCUBATION, a U.S.-based lead generation database for B2B companies, was reported. The stolen data included physical addresses, usernames, full names, IP addresses, company names, job titles, email addresses, phone numbers, and passwords.
AT&T Subscriber Data – Old Data Resurfaces
(109.3 million records)
Although the data was originally exfiltrated in 2021, this breach surfaced on the darknet in 2024. It exposed subscriber information, including full names, phone numbers, physical addresses, SSNs, birth dates, and email addresses. This breach highlights the enduring risk posed by legacy data exposure.
The Post Millennial – News Outlets Targeted
(87.7 million records)
The Canadian media company The Post Millennial suffered a breach that included email addresses, full names, physical addresses, phone numbers, job titles, company names, IP addresses, geolocations, usernames, voter IDs, birth dates, passwords, API tokens, and more. This breach illustrates the risks faced by media organizations due to the large and detailed subscriber databases they possess.
MC2 Data – Hidden in Plain Sight
(43.6 million records)
In August, U.S.-based MC2 Data experienced a breach that exposed sensitive details, including physical addresses, birth dates, salts, credit card information, full names, email addresses, phone numbers, and passwords. The breach was privately shared, highlighting the covert nature of some data exposures.
Russian Traffic Police – Driving Data Directly into Criminal Hands
(33.9 million records)
A breach involving Russia’s Traffic Police exposed vehicle plate numbers, vehicle identification numbers, birth dates, passport numbers, physical addresses, full names, and phone numbers. Such breaches demonstrate the vulnerabilities within governmental systems.
Jiangxi Mobile PII – Another Massive PII Leak
(31.7 million records)
Last year, PII data allegedly belonging to consumers in China was leaked online. The data included phone numbers, full names, national IDs, physical addresses, genders, emails, and other personal information. This breach underscores the global nature of data exposure risks.
What These Breaches Tell Us About Data Security & Identity Exposure in 2025
Recent breaches make one thing clear: cybercriminals are not slowing down, and the challenges of data security continue to evolve. Attackers are still leveraging exposed credentials, recycling old breach data, and exploiting gaps in security hygiene to gain access to sensitive information. Despite ongoing efforts to strengthen defenses, the sheer volume of data at risk means that security teams must constantly adapt to an ever-changing threat landscape.
The key to staying ahead isn’t just responding to breaches – it’s taking proactive steps to prevent them. By continuously monitoring for compromised credentials, strengthening authentication measures, and adopting a holistic identity security strategy, organizations can better defend against evolving threats. As cybersecurity challenges grow, the focus must be on equipping teams with the tools and strategies needed to anticipate risks – especially those that stem from stolen identity data – and act before cybercriminals can take advantage.
Learn more about SpyCloud’s in-house security research team, SpyCloud Labs and their insights into the criminal underground.
Keep reading
