In June 2024, the Vermont Office of the Attorney General disclosed a data breach affecting Santander Holdings U.S.A., which transpired between late April and early May 2024. The incident stemmed from unauthorized access to a third-party database, compromising employee personal information, including names, Social Security numbers, and bank account details. While the exact number of impacted individuals remains undisclosed, the breach exposed highly sensitive data, raising concerns over potential identity theft, financial fraud, and reputational harm. The breach did not involve customer data or ransomware demands, but the exposure of employee financial and identification records underscores significant internal vulnerabilities. Authorities and the company are likely investigating the scope of the breach, mitigation measures, and compliance with data protection regulations. The incident highlights risks associated with third-party vendor security and the critical need for robust access controls to safeguard employee data.

In 2024, AT&T suffered two major data breaches exposing highly sensitive customer information. The first breach (March 30, 2024) leaked names, addresses, phone numbers, email addresses, dates of birth, account passcodes, billing numbers, and Social Security numbers (SSNs) on the dark web, enabling identity theft and financial fraud risks. The second breach (July 12, 2024) involved unauthorized access to telephone numbers, call records, interaction frequencies, and cell site identification numbers via a third-party cloud platform. Some customers were affected by both incidents, with potential payouts reaching $7,500 per victim ($5,000 for SSN exposure, $2,500 for call data leaks). AT&T agreed to a $177 million settlement, one of the largest in telecom history, acknowledging the severity of the data exposure and its long-term risks, including fraud, reputational damage, and legal liabilities. The breaches impacted millions of current and former customers, with claims requiring documentation of losses. Final payouts depend on the total number of valid claims, with distribution expected in early 2026 post-court approval.