Hackers Don’t Need Keys if Companies Leave Cyber Doors Open

The data breaches of 2024 made it clear that enterprise cybersecurity is no longer just a reactive IT issue — it’s a core business challenge.

One that isn’t going away any time soon, as revealed by the news Friday (Jan. 24) that the estimated total number of individuals impacted by last February’s Change Healthcare cyberattack is “approximately 190 million.” That’s “approximately” 1 in 2 Americans.

The number is nearly double the 100 million estimate that UnitedHealth, Change Healthcare’s parent, had shared earlier, underscoring how attackers can exploit interconnected systems and expand their reach exponentially once inside an organization. The Change Healthcare cyberattack, attributed to the BlackCat cybercriminal group, also known as ALPHV, resulted in the theft of 6 terabytes worth of protected health information (PHI) and personally identifiable information (PII).

The ransomware gang separately encrypted Change Healthcare’s servers, demanding a $22 million ransom for access, which UnitedHealth Group paid.

Change Healthcare is far from alone in being targeted by cybercriminals. Allegheny Health Network, a 14-hospital academic medical system, filed a complaint, also on Friday, against IT contractor IntraSystems LLC, accusing it of failing to secure the personal data of 293,000 patients stolen in an unauthorized breach.

Elsewhere, a data breach at hotel management platform Otelier had the downstream impact of exposing the booking data of customers from high-profile hotel chains, including Hilton and Marriott; while a separate data breach at cloud-based education software provider PowerSchool resulted in the theft of the data of millions of school students.

Taken together, these breaches not only exposed vulnerabilities in systems thought to be secure but also underscored the evolving tactics of cybercriminals and the need for equally dynamic defenses.

Read also: Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks

With businesses increasingly digitized, the stakes for protecting customer data have never been higher.

According to the December edition of the PYMNTS Intelligence report, “The AI MonitorEdge Report: COOs Leverage GenAI to Reduce Data Security Losses,” the percentage of chief operating officers (COOs) reporting their companies have adopted AI-powered automated cybersecurity management systems tripled, reaching 55% in August 2024, up from about 17% last May. Each of the COOs surveyed for the report represents an organization that generates more than $1 billion in annual revenue.

Complicating the landscape is ongoing uncertainty around whether data encryption should cover data at rest, in transit or even in use. This potentially leaves room for organizations to claim they’re compliant even while using what may be described as outdated or insufficient encryption protocols relative to contemporary AI-powered solutions.

After all, as evidenced by 2024’s ransomware 3.0 attacks, cybercriminals are moving beyond just encrypting data and demanding ransom. Now, they are engaging in “triple extortion” schemes — threatening to release sensitive data, disrupt services and target customers or partners directly.

“It is essentially an adversarial game; criminals are out to make money and the [business] community needs to curtail that activity. What’s different now is that both sides are armed with some really impressive technology,” Michael Shearer, chief solutions officer at Hawk, told PYMNTS.

Read more: Making Sense of Why SOC 2 Compliance Matters for Payments

As attackers become more resourceful, businesses must adopt a mindset of continuous improvement, staying ahead of threats with innovation and vigilance.

To truly secure sensitive data, organizations can considering integrating comprehensive encryption strategy that addresses all stages of the data lifecycle: encrypting data at rest, defending data in transit and protecting active data in use.

Still, for smaller firms with fewer resources, standing up a cutting-edge cyber perimeter can cut too deep into margins and be a challenging resource allocation to argue for.

The latest findings from PYMNTS Intelligence’s The 2025 Certainty Project revealed that mid-market firms are also disproportionately affected by cybersecurity threats, leading to financial losses and a more pessimistic outlook. What’s more, the financial disruptions from cyber threats often delay or cancel mid-market tech initiatives. More than 8 in 10 high-uncertainty firms (81%) report stalled innovation due to cybersecurity challenges.

“Fraudsters are always going to fraud,” Radar CEO and Co-founder Nick Patrick told PYMNTS. “But with the right tools, businesses can stay one step ahead.”

The post Hackers Don’t Need Keys if Companies Leave Cyber Doors Open appeared first on PYMNTS.com.