2024 is looking like a banner year for identity thieves—and a pretty lousy one in that regard for pretty much anyone else.

The Identity Theft Resource Center (ITRC) says the number of data breaches in the first half of 2024 (about 1.1 billion) marks a 490% uptick over the first half of the year prior. The number of data breach victims in just the second quarter of 2024 (1 billion) represented a jaw-dropping 1,170% increase over Q2 2023. (For comparison, the total number of people impacted by data breaches in all of 2023 totaled slightly more than 353 million.)

The 2024 midyear report found 1,571 publicly reported data compromises in the first six months, a 14% increase from a year ago. The huge jump in victims, though, came from a small handful of attacks. Of particular note, the group cited the following:

• Breaches of some clients using the Snowflake cloud service accounted for more than 900 million victims.
• Infosys McCamish System saw a data breach in February that the company estimates affected 6 million people.
• Prudential Financial’s February 2024 breach impacted some 2.5 million people.

The actual number of victims could grow significantly. Not included in the 2024 figures are the victims of the Change Healthcare supply chain attack. Officials at that company have not given a specific number of victims in the breach, but did predict “a substantial number” of U.S. residents could be impacted.

“The trends we saw emerge in 2023 that led to a record-breaking year in compromises are continuing into 2024,” Eva Velasquez, president and CEO of the Identity Theft Resource Center, said in a statement. “The takeaway from this report is simple: Every person, business, institution, and government agency must view data and identity protection with a greater sense of urgency.”

Also concerning was the lack of clarity on a number of attacks. The ITRC says nearly 7 out of every 10 breaches did not disclose what sort of cyberattack they suffered, which could increase the chances of other businesses (and individuals) falling victim to the same methods.

Financial services companies have seen the biggest jump in the number of attacks so far this year, with a 67% increase. Healthcare companies were the second-most breached sector.

As for what the data thieves are looking for? The ITRC says driver’s license data was stolen in 25% of the breaches disclosed in the first half of this year. Data thieves increasingly use that information as an identity verification method for other sorts of fraudulent transactions.

The surge in victims follows a year that saw the largest number of data compromises on record, with 3,205 attacks reported by various companies.