Data Breaches and Cyber Attacks in the USA in January 2024 – 78,215,855 Records Breached

IT Governance USA’s research found the following for January 2024:

  • 336 publicly disclosed security incidents (7% of all incidents globally)
  • 78,215,855 records known to be breached

This month saw a significant drop in known records breached compared to December 2023, but considering that more than 1.6 billion records were breached then, that’s not overly surprising.

The much bigger surprise is that only 7% of incidents happened in the USA – a significant drop from previous months’ reporting. This is due to the historic 26-billion record leak, commonly referred to as the ‘mother of all breaches,’ or MOAB.

This massive breach affected 3,876 organizations, which we collectively logged as ‘multiple’ for geographical location. So, although a good number of those organizations are USA-based, the consequence of this methodology is that none of them were recorded as such.

We made this decision in part due to the resource required to log all 3,876 individually, and in part because it didn’t seem right to treat a COMB (compilation of many breaches) like this in the same way as a ‘normal’ incident. As a result, all remaining incidents in this report truly are new ones, first coming into the public domain in January 2024.

When the MOAB is excluded from the global figures, the USA share of this month’s incidents rises to 44%, which is more in line with the typical figures we record.


Free PDF download: Data Breach Dashboard

For a quick, one-page overview of this month’s findings, please use our Data Breach Dashboard:

Note: The global incident metrics have excluded the MOAB to avoid skewing the data.

You can also download this and previous months’ Dashboards as free PDFs here.

This blog provides further analysis of the data we’ve collected. We also provide an annual overview and analyze the longer-term trends in our 2024 overview of publicly disclosed data breaches and cyber attacks in the USA.

You can learn more about our research methodology here.


Top 5 biggest breaches

Note: Where ‘around,’ ‘about,’ etc. is reported, we record the rounded number. Where ‘more than,’ ‘at least,’ etc. is reported, we record the rounded number plus one. Where ‘up to,’ etc. is reported, we record the rounded number minus one.

1. loanDepot reports 16.6 million individuals’ sensitive data breached

Earlier this month, mortgage lender loanDepot reported suffering a cyber attack that caused an IT disruption. On January 22, the company announced in a SEC filing that an “unauthorized third party” gained access to “sensitive personal information” of about 16.6 million individuals in its systems. The filing didn’t specify the types of sensitive data breached.

Data breached: 16.6 million individuals’ personal data.

2. More than 15 million lines of data from Trello leaked

More than 15 million lines of data relating to users of the project management tool Trello were posted online on January 16, including names, usernames, and email addresses. The data set was compiled by scraping the Trello site using a publicly accessible API (application programming interface).

In other words, the attacker submitted usernames and email addresses that had been compromised in other breaches to the Trello API, which confirmed whether those email addresses were associated with active Trello accounts. The attacker could then compile the data set of Trello users.

The API has since been made more secure by requiring authentication.

Data breached: 15,115,516 lines.


Sector overview

For our monthly analyses, we just look at the top 5 most breached sectors in the USA by number of incidents and by known number of records breached.

We provide a full sector breakdown in our annual report.

Top 5 most breached sectors (by number of incidents)

Note: To make this table as informative as possible, the percentages exclude the ‘multiple,’ ‘other,’ and ‘unknown’ sectors.

Top 5 most breached sectors (by number of records)


Security Spotlight

To get news of the latest data breaches and cyber attacks straight to your inbox, subscribe to our weekly newsletter: the Security Spotlight.

Every Tuesday, you’ll get a short email with:

  • Industry news, including a round-up of the week’s publicly disclosed data breaches and cyber attacks in the USA
  • Our latest research and statistics
  • Free useful resources
  • Upcoming webinars
  • Other ways we can help