
Almost every month in 2024 brought headlines of major cyber attacks, data breaches, and ransomware incidents, many of which left a lasting impact. In this blog, we're recapping 10 of the most significant attacks from the past year.
2024 was a turning point for the global cybersecurity landscape. From critical service disruptions to large-scale data leaks, the year showed how devastating cyber threats have become.
Here are a few stats that highlight why 2025 demands stronger cybersecurity:
- 107% increase in IoT malware attacks (SonicWall Cyber Threat Report)
- 59% of organizations were hit by ransomware (Sophos, State of Ransomware 2024)
- 4,151% surge in phishing attacks since ChatGPT's public release (SlashNext)
- 8 million DDoS attacks recorded in just the first half of 2024 (Netscout)
- $4.88 million - the average cost of a data breach in 2024 (IBM/Ponemon)
Given the rising complexity of attacks, especially those targeting mobile platforms and critical infrastructure, organizations must prioritize regular app audits and security reviews.
Below, we've listed the Top 10 Cyber Attacks of 2024, chosen for their scale, severity, or global impact.
1. Change Healthcare Ransomware Attack
In February 2024, Change Healthcare, part of UnitedHealth Group, suffered a major ransomware attack by the BlackCat (ALPHV) group. The breach disrupted nationwide healthcare services, halting claims processing and forcing many patients to pay out-of-pocket for care.
The financial impact was massive: $2.87 billion in response costs and over $6 billion in support for affected providers. It was later confirmed that $22 million in ransom was paid to the attackers.
This incident exposed critical cybersecurity gaps in the healthcare sector, proving that such attacks can threaten not just data but access to essential medical services.
2. Snowflake Data Breach
In May 2024, Snowflake, a major cloud data platform, suffered a large-scale data breach that impacted over 100 customers, including AT&T, Ticketmaster, and Santander Bank.
The breach was linked to the Scattered Spider group, which used stolen employee credentials to access Snowflake systems. They exfiltrated billions of sensitive records, including call logs and personal customer data.
Attackers demanded ransoms between $300K and $5M from affected companies. The incident exposed major gaps in security practices, most notably the lack of multi-factor authentication (MFA) and poor credential hygiene.
3. UK Ministry of Defence Payroll Breach
In May 2024, the UK Ministry of Defence suffered a major data breach after a contractor-managed payroll system was compromised. The attack exposed sensitive data, including names, bank details, and home addresses, of around 270,000 current and former military personnel.
Defence Secretary Grant Shapps suggested the breach was likely the work of a foreign threat actor, with media reports pointing to China as a possible source.
This incident highlighted serious supply chain vulnerabilities, stressing the need for stronger cybersecurity measures when working with third-party providers, especially in sectors tied to national security.
4. Ascension Ransomware Attack
In May 2024, Ascension, one of the largest U.S. healthcare systems, was hit by a ransomware attack that severely disrupted operations across multiple states. The attack took down the MyChart EHR system, forcing staff to switch to manual processes.
The result: delayed treatments, diverted emergency services, and postponed surgeries, putting patient safety at risk. This incident once again underscored the healthcare sector's tech vulnerabilities and the real-world consequences of cyberattacks on critical care delivery.
5. MediSecure Breach Exposes Data of 12.9 Million Australians
Australian electronic prescription provider MediSecure fell victim to a major ransomware attack, compromising the personal and medical data of approximately 12.9 million people. The stolen information included names, birth dates, addresses, phone numbers, Medicare details, prescription data, and reasons for medication.
With 6.5 terabytes of data involved, the company was unable to pinpoint specific individuals affected. This breach now ranks among the largest in Australia's history, surpassing even the 2022 Optus hack, and highlights the growing cybersecurity risks facing the healthcare sector.
6. Synnovis-NHS Ransomware Attack Disrupts Thousands of Patient Services
On June 4, 2024, the UK's NHS declared a 'critical incident' after its pathology services provider, Synnovis, was hit by a ransomware attack carried out by the Qilin gang. The breach caused widespread disruption to vital services—blood transfusions, cancer treatments, test results, and even C-sections were delayed or canceled.
More than 1,100 elective procedures and over 2,000 outpatient appointments across major London hospitals were postponed. The attackers, reportedly demanding $50 million, leaked 400GB of sensitive data after the ransom wasn't paid.
The incident exposed significant vulnerabilities in the NHS supply chain, reinforcing the urgent need for stronger cybersecurity safeguards in critical healthcare infrastructure.
7. CrowdStrike Update Triggers Global Microsoft Outage
On July 19, 2024, a faulty update from CrowdStrike's Falcon Sensor software triggered a global Windows crash, showing users the infamous “Blue Screen of Death.” Around 8.5 million systems were affected, disrupting critical sectors like aviation, healthcare, banking, manufacturing, and retail.
Though not a cyberattack, the incident demonstrated the fragility of interconnected systems. TV stations went dark, flights were grounded, and services stalled worldwide.
CrowdStrike CEO George Kurtz apologized, citing a software bug. While a fix was issued swiftly, many organizations faced extended recovery times, some even needing manual resets. The event served as a stark reminder of the risks posed by software supply chain failures and the importance of having solid contingency plans in place.
8. Cyber Attack on Transport for London (TfL)
In September 2024, TfL suffered a cyber attack that disrupted services—most notably the Dial-A-Ride service for differently-abled passengers. Initially thought to be minor, investigations later revealed that personal data of around 5,000 customers, including addresses and banking details, had been compromised.
A 17-year-old was identified as the attacker and released on bail. To contain the breach, TfL restricted system access, which led to significant disruptions and financial losses totaling £30 million.
This incident highlighted the vulnerability of public infrastructure and the urgent need for stronger cybersecurity measures and preparedness across essential services.
9. Ivanti Zero-Day Flaws Trigger Global Cyber Crisis
In early 2024, serious security flaws were found in Ivanti's VPN products used by many businesses and government agencies. Hackers, including a suspected group from China, took advantage of these flaws to break into systems, install malware, and steal data.
Even after Ivanti released fixes, many attackers had already begun using the same weaknesses to target over 1,700 companies and organisations around the world.
As the situation worsened, U.S. authorities told government agencies to disconnect affected devices until they were fully secured. This incident showed how quickly cyber threats can spread and why it's important to fix security issues as soon as they're found.
10. Salt Typhoon Hack Hits U.S. Telecom Giants
In December 2024, suspected Chinese state-backed hackers known as Salt Typhoon launched major cyber attacks on U.S. telecom giants like AT&T, Verizon, T-Mobile, and Lumen.
In what was described as the “worst telecom hack in U.S. history,” the attackers accessed sensitive data, such as call records, locations, and even some voice recordings. High-profile figures, including Donald Trump, were reportedly affected.
In response, the U.S. government ramped up cybersecurity efforts. CISA issued urgent guidelines for telecom providers to strengthen defenses with encryption and real-time monitoring.
Final Thoughts
2024 was a wake-up call for the global cybersecurity community. From healthcare and government to telecom and cloud platforms, no sector was immune to disruption. These incidents underscore a critical truth: cyber resilience is no longer optional—it's essential. As threats grow more sophisticated, organizations must invest in stronger defenses, prioritize proactive security strategies, and ensure rapid incident response readiness in 2025 and beyond.