News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | Massive Data Breach at National Public Data Exposes Billions of Records

National Public Data confirmed a significant data breach that leaked names, Social Security numbers, and other personal information, affecting potentially billions of records. The breach is believed to have involved a third-party hacker, with data leaks occurring from late 2023 through summer 2024. NPD has cooperated with law enforcement but has not disclosed the number of affected individuals or offered compensation, advising people to monitor their credit reports.   Troy Hunt has a deep dive into this breach, as it’s a data aggregator, and it’s several partial data sets, making it particularly complicated if you’re interested in diving in further.  

Microsoft Azure’s AI Health Bot service was found to have critical vulnerabilities that allowed for privilege escalation and potential access to cross-tenant resources. These issues, identified by Tenable Research, were quickly patched but highlight risks associated with chatbot security. Exploitation could have enabled attackers to manage resources belonging to other Azure customers. The vulnerabilities stemmed from flaws in the service’s architecture, underscoring the need for secure development practices in the rapidly evolving AI landscape, especially in the healthcare sector, which is a prime target for cybercriminals.

The Hunters International ransomware group is targeting IT workers with a new malware called SharpRhino, a C# remote access trojan that facilitates initial infections and privilege escalation. It spreads through a typosquatting site mimicking a legitimate tool, and has been linked to notable cyberattacks against organizations like Austal USA and Hoya. The malware modifies system settings for persistence and can execute PowerShell commands, posing significant risks.

Six ransomware gangs accounted for over 50% of attacks in the first half of 2024, with LockBit 3.0 leading with 325 victims. Other notable gangs include Play, 8base, Akira, BlackBasta, and Medusa. Despite law enforcement efforts to disrupt these groups, ransomware infections have increased, and new strains like Brain Cipher have emerged, indicating a persistent and evolving threat landscape.   In 2024, ransomware costs have surged, with the largest known payment reaching $75 million. The median ransom payment has increased dramatically from $200,000 in early 2023 to $1.5 million by mid-2024.

Why do we care?

Given that NPD is a data aggregator, this breach’s impact is magnified by the aggregation of multiple datasets, making it difficult to assess the full extent of the damage. The fact that this breach went on for several months before being detected raises serious concerns about the adequacy of monitoring and security measures in place at data aggregators.  And why should they?    

Be warned about ransomware groups targeting IT.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories