2024 Top Third-Party Data Breaches and Lessons Learned
Introduction
As more businesses depend on third-party vendors and service providers, the risk of data breaches originating with these partners is growing quickly. A recent 2024 Third-Party Risk Management study revealed that 61% of companies experienced a third-party data breach over the past year, a 49% increase from 2023 and three times the rate reported in 2021. It is a clear wake-up call that stronger Third-Party Risk Management (TPRM) solutions are needed to protect supply chains, cloud systems and sensitive data.
The increase in third-party breaches comes down to a few factors. Companies now rely heavily on external vendors to manage sensitive data, perform critical functions, and maintain IT infrastructure. However, many vendors do not follow strict security protocols, leaving that data more exposed to cyberattacks. As these attacks become more sophisticated, businesses must adopt more mature enterprise risk management practices to protect themselves.
Third-Party Data Breaches in 2024
Here’s a look at nine recent data breaches in 2024, along with key lessons businesses can take from each incident.
1. Truist Bank Data Breach (October 2024)
- What Happened? A third-party debt collection service provider for Truist Inc., Financial Business and Consumer Solutions, Inc. (FBCS), suffered a breach that exposed Truist Bank’s sensitive data.
- Data Compromised: Sensitive Truist Bank information, including client data, was exposed to unauthorized access.
- 💡 Tip: This highlights the importance of vetting third-party vendors for strong security practices, because an incident at a service provider can have significant consequences for your own business. To minimize these risks, continuous monitoring of the data your vendors hold and of how they handle risk is essential. Third-party risk management software such as Alliance TPRM can help automate and streamline this process, providing real-time, continuous monitoring of your vendors’ security practices.
2. Toyota Data Breach (September 2024)
- What Happened? In a major Toyota breach, a cybercriminal group known as ZeroSevenGroup broke into an undisclosed third-party supplier of Toyota’s U.S. branch and leaked 240 GB of sensitive data on a hacking forum.
- Data Compromised: This Toyota security incident exposed customer and employee data, contracts, financial information, and network credentials.
- 💡 Tip: Securing both internal networks and third-party systems is essential. Strong encryption and access controls should be in place to limit the risk of exposure.
3. Infosys McCamish, Bank of America Data Breach (September 2024)
- What Happened? Infosys McCamish, a subsidiary handling insurance and financial services for major clients such as Bank of America and Fidelity, was hit by LockBit ransomware, leading to the exposure of sensitive customer data.
- Data Compromised: Financial and personal data of Bank of America and Fidelity customers.
- 💡 Tip: Organizations need robust incident response plans and regular vulnerability assessments, particularly when handling high volumes of financial data. Ransomware defenses must include advanced threat detection systems.
4. Fortinet Data Breach (August 2024)
- What Happened? Unauthorized access to a third-party cloud-based file drive used by Fortinet exposed customer data.
- Data Compromised: The Fortinet breach exposed limited data relating to a small number of its customers.
- 💡 Tip: Businesses must ensure their third-party cloud storage solutions implement stringent security measures, including multi-factor authentication (MFA) and regular audits.
5. CMS/WPS Insurance Breach (July 2024)
- What Happened? The Centers for Medicare & Medicaid Services (CMS) notified nearly a million Medicare beneficiaries of a breach at Wisconsin Physicians Service Insurance Corporation (WPS), a CMS contractor that handles Medicare claims. The breach resulted from a vulnerability in MOVEit, a third-party file transfer application that WPS used to move Medicare files.
- Data Compromised: Protected health information (PHI) and personally identifiable information (PII) of Medicare beneficiaries, including name, Social Security number, taxpayer identification number, date of birth, Medicare beneficiary identifier and health insurance claim number.
- 💡 Tip: Regular patching and software updates are critical to prevent known vulnerabilities from being exploited. Vendor security testing is essential to reduce exposure to such risks.
6. Ticketmaster Breach (July 2024)
- What Happened? Ticketmaster suffered a data breach after an unauthorized third party obtained access to customer payment and account information from a cloud database hosted by a third-party data services provider.
- Data Compromised: Customer payment and personal data, including credit card details and account information, were exposed.
- 💡 Tip: Implementing strict access control measures and conducting regular cloud audits can help mitigate the risk of unauthorized access.
7. Shopify Data Breach (July 2024)
- What Happened? Shopify experienced a breach due to a third-party app’s vulnerability, exposing customer information.
- Data Compromised: Customer data such as Shopify IDs, full names, email addresses, mobile phone numbers, order counts, total money spent, and SMS and email subscription status.
- 💡 Tip: Ensure that third-party applications integrated into platforms like Shopify follow strict security protocols. Continuous monitoring and vulnerability scanning of third-party apps are critical to reducing the risk of unauthorized data access.
8. American Express Data Breach (June 2024)
- What Happened? A third-party merchant processor exposed American Express credit card data due to a security lapse.
- Data Compromised: The Amex data breach exposed customer credit card data, putting individuals at risk for fraud.
- 💡 Tip: Payment processors must strictly adhere to PCI DSS (Payment Card Industry Data Security Standard). Card companies should implement robust monitoring to detect fraud early.
9. Cisco Duo Security Breach (May 2024)
- What Happened? A phishing attack against a telecom provider used by Cisco Duo exposed Duo MFA codes.
- Data Compromised: Cisco Duo MFA authentication codes and logs were accessed by attackers.
- 💡 Tip: Even multi-factor authentication (MFA) solutions are vulnerable to phishing attacks, necessitating additional layers of defense such as phishing-resistant MFA solutions and better user education.
How Alliance Can Help Prevent Third-Party Data Breaches
To mitigate the growing risk of third-party breaches, companies must adopt a robust Third-Party Risk Management (TPRM) solution. Alliance TPRM is risk management software built specifically for third-party vendors and suppliers. It offers businesses an easier and more efficient way to manage vendors while ensuring compliance with information security and regulatory standards.
With Alliance, you can streamline the full supply-chain risk management cycle:
- Vendor Risk Assessment: Automatically assess potential vendors with detailed risk assessments to ensure they meet stringent security and compliance standards before engagement.
- Continuous Monitoring: Alliance provides real-time monitoring of third-party activities, enabling quick detection of any potential risks or compliance issues.
- Risk Identification: Use AI to identify and address vulnerabilities early, facilitating proactive measures to prevent disruptions to the supply chain.
- Centralized Management: Easily manage all supplier documents (contracts, certificates, compliance reports, etc.) on one platform for improved operational efficiency.
- Regulatory Compliance: Ensure that vendors comply with security and ESG governance standards.
By integrating a solution like Alliance TPRM, businesses can prevent third-party breaches, protect sensitive data, and maintain strong vendor relationships.