Hackers stole over 3 billion credentials in 2024

In 2024, hackers stole over 3.2 billion credentials from businesses around the world, according to a new report from Flashpoint. This represents a 33% increase from the previous year. Most of these credentials were taken using malware known as "infostealers." The report highlights that 75% of the stolen credentials were acquired through these malicious tools, which have infected more than 23 million devices globally. The most widespread infostealer, called Redline, alone infected nearly 10 million hosts in 2024. Ransomware attacks also grew in 2024, increasing by 10%. This follows an alarming 84% rise in such attacks the year before, marking 2024 as an exceptionally challenging year for cybersecurity. Businesses faced over 400 million unwanted and harmful emails. Even when ransomware groups are disrupted, new ones quickly emerge. This shows how adaptable and resilient the cyber threat landscape is, making it more difficult for security teams to keep up. The report noted that there were 6,670 public data breaches in 2024, exposing over 16.8 billion records. Ian Gray, a VP at Flashpoint, commented on the double-edged nature of technology today. He pointed out that the cybersecurity field will face new challenges, especially with advancements in AI and more sophisticated social engineering tactics. Cybercriminals will continue adapting, but so will defenses and law enforcement efforts.