Who wants my data, and why? What form is the next big data breach likely to take? Are we missing something really important when it comes to data security? The latest data breach statistics can give you some useful pointers on this.
Knowledge of data breach trends is especially useful for benchmarking, both in terms of organizational readiness to respond to current threats and the state of one's own data security knowledge.
With this in mind, take a look at our data breach stats roundup for the latest patterns, threat actor tactics, common security soft spots, response strategies, and more.
Data Breach Trends
Breaches are rising, and data breach statistics suggest that this is a major cause of concern for business owners.
Data Breach Growth Trends
1. There were 7.6 trillion intrusion attempts in 2023, a 20% increase on 2022.
2. Malicious intrusion attempts—i.e., attempts to gain access to an application with the intent of causing harm or compromising data—increased to 11.3 billion in 2023, a 6% increase from 2022.
3. In March 2024, over 299 million data records were compromised by threat actors, a 58% increase from the previous month and a 613% increase from 2023.
4. According to Surfshark estimates, more than 17 billion user accounts have been leaked worldwide from 2004 to date.
5. IT Governance identified 9,478 publicly disclosed data breach incidents between January and April 2024.
6. Around 36 billion data records were exposed between January and April 2024.
Impact of Data Breach Incidents
7. 40% of IT decision-makers predict “data breaches and data loss” as the biggest cyber security threats to their organization over the next 12 months.
8. 77% of internet users worldwide worry about personal and sensitive data being stolen.
9. 80% of companies in the US and 85% of companies in Asia, Europe, Africa, and Latin America say they’ve been successfully hacked in an attempt to steal, change, or make public important data.
10. In the first four months of 2024, healthcare was the most breached sector in terms of the number of publicly disclosed incidents, and IT services and software was the most breached sector in terms of the number of data records breached.
Who Are the Victims of Data Breaches?
Healthcare and finance come out on top of the sectors most affected by data breaches. However, it’s important to note that breaches impact all regions and industries.
Data Breaches by Country
11. US internet users are most exposed to data breaches. According to Surfshark’s analysis of the number of data points leaked per capita, the US ranks first.
12. The US has lost 37 data points per capita to breaches between 2004 and 2024.
13. Over the same period, Russia comes second with 30 data points lost per capita.
14. France ranks third with 22 data points lost per capita.
Data Breaches by Organization Size
15. Data breach attempts are more successful against smaller organizations. In fact, 85% of firms with fewer than 1,000 employees say their systems have been successfully penetrated, compared to 60% of larger companies.
16. 16% of small businesses hit by a cyber attack experience permanent loss of business-critical data.
17. 87% of small businesses collect or process customer data that could be compromised.
18. 42% of SMBs don’t back up critical data.
19. An estimated 90% of worldwide cybersecurity breaches occur in small businesses.
Data Breach Statistics by Industry Sector
According to Kroll, in 2023, finance was the most breached industry, accounting for 27% of all data breaches investigated.
20. In 2023, healthcare data breaches dropped to second place in the list of most attacked sectors. This industry accounted for 20% of data breaches.
Data breaches and the financial sector
21. In 2023, large financial organizations suffered an average of 50 known attacks—more than any other industry. 29% had experienced compromised customer accounts, and 28% had experienced data loss.
Data breaches and the healthcare sector
22. 97% of IT professionals in the healthcare sector have at least one ongoing concern relating to the security of patient data records.
23. In 2023, 55% of healthcare organizations globally experienced an accidental or deliberate data leak from internal sources, up from 49% in 2022.
24. 37% of healthcare security leaders believe legacy systems leave them more vulnerable to security breaches.
25. The healthcare sector suffers the highest average cost of major data breaches impacting large organizations ($5.3 million USD per breach).
26. Between 2020 and 2023, the average cost of a healthcare data breach increased by 53%.
Data breaches and the professional services sector
27. In a 2023 survey by AON, professional services leaders rated “cyber attacks and data breaches” as their number one current risk. It’s also seen as the most significant risk for the future.
28. 85% of professional services firms hold valuable data on customers, compared to 61% of businesses as a whole, making them a particularly attractive target for threat actors.
29. Large law firms experienced an average of 23 cyber incidents in 2023.
30. Four in ten law firms report experiencing a security breach in 2023. The most frequently cited consequences of a breach were loss of confidential client and other internal data and reputation damage.
31. Of law firms that experienced a security breach in 2023, 56% say they experienced a loss of confidential client data.
Data breaches and the retail sector
32. Retailers that demonstrate responsible data practices benefit from an increase in purchase intent of 23% compared to companies that cannot demonstrate those practices.
33. More than 60% of consumers would avoid shopping at locations that had recently experienced a data breach, and this figure rises to 73% among high-income consumers.
34. 83% of consumers agree or strongly agree with the statement, “These days, I think about whether I trust a company to keep my information safe before I buy something from them.”
35. One in every five ransomware attacks targets an online retail business.
36. In 2023, online retail businesses experienced a 264% surge in ransomware attacks.
37. 38% of retailers see cyber security and theft of customer data as one of the top three threats to their business.
Who is Behind Data Breaches?
External threat actors perpetrate the majority of data breaches. The motives behind such breach attempts are usually financial. Data breach statistics also show that user error plays a huge role in data breaches, both as a “way in” for deliberate threat actors and as a cause of accidental breaches.
Threat actor categories defined
External: Threats originating from outside the organization and its wider network. This includes organized crime gangs (OCGs), lone actors, and government or state-sponsored entities.
Internal: Threats arising from within the organization, including employees and contractors. Insiders enjoy at least some level of trust and/or privilege.
Partner: Any third party that shares a business relationship with the organization but is not under its direct control. Examples include software vendors, hosting service providers, component suppliers, and outsourced IT. To be classed as a threat actor, a partner has to initiate the incident.
External Data Breach Threats
38. External threat actors are responsible for an estimated 65% of data breaches.
39. Around 60% of threat actors are linked to organized crime.
40. Around 7% of threat actors are state-sponsored.
41. Around 90% of threat actors responsible for intentional data breaches are motivated by financial gain.
42. 7% of data breach threat actors are involved in espionage. This is mostly concentrated in public administration breaches.
Internal Data Breach Trends
43. Human error is a factor in 68% of all data breaches—i.e., including incidents instigated by external threat actors.
44. In 2024, internal threat actors are responsible for 35% of data breaches, up from 20% in 2023.
45. Between 2023 and 2024, there was a 28% increase in insider-driven data exposure, loss, leak, and theft events.
46. 76% of organizations have detected increased insider threat activity over the past five years, but less than 30% believe they have the right tools to handle it.
47. 90% of global cyber security professionals say insider threats are as difficult or more difficult to respond to than external threats.
48. 73% of business security leaders expect data loss from insider events to increase in the next 12 months.
49. The negligent insider is the root cause of most insider threat incidents. According to 2023 research by Ponemon, most (55%) are caused by careless employees.
50. 25% of insider threat incidents are caused by criminal or malicious insiders—i.e., employees or authorized individuals who misuse access for harmful, unethical, or illegal activities.
51. 20% of insider threat incidents are caused by credential theft—i.e., where threat actors steal users’ credentials to gain access to data and assets.
52. “Sending personal information to the wrong recipient via email” is involved in an estimated 45% of data breaches involving human error.
53. “Unintended release or publication of personal information” features in 16% of data breaches involving human error.
Cloud Computing and Supply Chain Data Breach Trends
54. Over 60% of the world’s corporate data is stored in the cloud.
55. In 2023, 82% of data breaches involved data stored in the cloud.
56. 39% of businesses experienced a data breach in their cloud environment in 2023, up from 35% in 2022.
57. 55% of IT leaders say aging data in the cloud is more complex than in on-premise environments.
58. 39% of data breaches span multiple on-premise and cloud environments.
59. Data breaches in hybrid cloud environments cost, on average, $440,000 USD less than public, private cloud, and on-premise models.
60. In 2024, 15% of all data breaches will involve a supply chain compromise (including third-party software vulnerabilities). This is up from 4% in 2020.
Methods of Data Breach
Data breach statistics highlight that no matter how robust a system is, it can often be undermined by something as simple as a compromised password or other stolen credentials. The figures also show that the ransomware threat to data remains strong.
Data Breaches and Use of Stolen Credentials
61. The use of stolen credentials is involved in 24% of data breaches.
62. Web application attacks account for around 25% of breaches. This consists largely of instances where threat actors leverage stolen credentials and vulnerabilities to get access to an organization’s assets.
63. Around 36% of all data breaches involve phishing.
64. Around half of the security leaders who experienced phishing attacks say that they had suffered compromised credentials and accounts.
65. Without proper training, a third of employees are susceptible to phishing scams.
Data Breaches, Malware, and Ransomware
66. In 2023, malware showed up in 40% of data breaches, up from 30% the previous year.
67. Ransomware is the most common form of malware. Ransomware is present in almost 70% of malware-related breaches and 23% of data breaches.
68. 45% of security leaders who had experienced phishing attacks say they’d been exposed to ransomware.
69. Email is the most popular attack vector for spreading ransomware, responsible for approximately 35% of all ransomware-related breaches.
70. Ransomware is present in 62% of all incidents committed by organized crime actors.
71. Ransomware is present in 59% of all incidents with a financial motivation.
72. Experts predict that by 2031, ransomware will attack an organization, consumer, or device every 2 seconds.
Impact of Data Breaches on Organizations
The majority of threat actors are most interested in personal data. The statistics also show that the average cost of a breach is high and rising.
Data Categories Impacted by Breaches
73. Data availability is affected in around 65% of breaches.
74. Data confidentiality is compromised in a third of all data breaches.
75. Personal data is compromised in around 60% of all data breaches, making it the most frequently affected data category.
76. IBM found that customer PII was the most commonly breached record type in 2023 (compromised in 52% of breaches), followed by employee PII (compromised in 40% of breaches).
77. Organizations within the financial services and insurance sector are most likely to suffer a compromise of personal data (i.e., personal identifying information) when hit with a data breach. Between November 2021 and 2022, personal data was compromised in 74% of cases where finance and insurance organizations suffered data breaches.
Cost of Data Breaches
78. In 2023, the average data breach cost to organizations was $4.45 million USD, a 2.3% increase from the 2022 figure of $4.35 million USD.
79. Small business owners often underestimate the cost of a data breach. In one survey, 70% of respondents thought they’d lose only $25,000 USD due to a successful data breach, and over half thought they’d lose less than $10,000 USD.
80. Between 2020 and 2024, the average data breach cost increased by 15.3%.
81. In 2024, 23% of global enterprise tech leaders say they’ve experienced losses of more than $1M USD in a data breach in the past three years, compared to 16% in 2023.
82. Detection and escalation is the largest category of data breach costs, followed by lost business costs (i.e., business and revenue disruption, reputation losses, and diminished goodwill).
83. The cost of data breaches is at an all-time high, hitting $4.45 million in 2023.
84. The average cost-per-record of a data breach is $161 USD.
85. In healthcare, the average cost-per-record of a data breach is $10.93 USD. In the retail sector, the average cost-per-record is $2.60 USD.
Preventative Measures and Response Strategies
Recent data breach stats indicate that most organizations are well aware of the threats they face but are often ill-equipped to respond to them.
Organizational Readiness and Responsiveness
86. It takes organizations an average of 204 days to identify a data breach and 73 days to contain it.
87. Only a third of data breaches are discovered by security teams.
88. Two-thirds of data breaches are reported to the organization either by a benign party or by the attackers themselves.
89. When attackers disclose a breach (e.g., in a ransomware scenario), the average cost of the breach is $1 million USD more than when the breach is detected internally.
90. The estimated cost of discovering and mitigating a phishing email is $31.32.
91. 76% of organizations plan to increase their cyber security investment in the next 12 months.
92. However, efforts by organizations to protect themselves are impeded by a shortage of skilled cybersecurity workers. According to the 2022 ISC2 Cybersecurity Workforce Study, an estimated 3.4 million more cyber security workers are needed to meet the needs of employers. This labour shortage-induced gap increased by 26.2% compared to 2021.
93. The 2023 Fortinet Cybersecurity Skills Gap Report suggests that 56% of organizations struggle to recruit, and 54% struggle to retain cyber talent.
94. Just 25% of tech executives within global enterprises agree that they “usually” incorporate data security and privacy features into products, services, and third-party relationships.
Security Measures in Place
95. Firewalls are the most commonly deployed technological defensive measure in response to the data breach threat. 61% of businesses already have firewall technology in place, and 23% plan to invest in it in the next 12 months.
96. 54% of organizations have network security monitoring tools in place.
97. 67% of businesses say they are “grappling with inadequate signature-based solutions” for dealing with the malware threat.
98. Many employees are not provided with updated security training when new technologies are introduced into the organization. 47% have yet to receive security training for instant messaging platforms or communication applications, with almost one in five failing to remember or find the relevant information.
AI and Data Breaches
99. Just 11% of IT managers currently use AI for threat detection, but 56% are optimistic about its future use.
100. AI tools may be able to identify 70% more malicious scripts than traditional techniques alone.
101. Almost half (46%) of senior security professionals believe that generative AI will increase their organization’s vulnerability to attacks, making it easier for threat actors to create and launch attacks.
Notable Data Breach Incidents
The Mother of All Breaches
In January 2024, the Mother of All Breaches (MOAB) came to light: an unprecedented leak of over 26 billion data records. Find out more about the largest data breach to date here.
MOVEit Breach
When a sweeping wave of threat actors exploited a vulnerability within this popular file transfer service, the fallout impacted at least 60 million people in a massive data breach.
Conclusion
There’s no quick fix for securing a system or organization against data breaches.
Businesses are already aware of this, and it’s a big part of why cyber security professionals who know how to devise and implement a multi-layered defense strategy are in such high demand.
From pentesting through to governance, there’s a lot to cover here. Fortunately, when it comes to joining the dots and plugging the gaps in your knowledge, the StationX Accelerator Program can make things a lot easier.
Suitable for cyber security and infosec professionals of all levels, the program gives you instant access to 1,000+ training classes, virtual labs, exam simulations, and more. Whatever you need to become better equipped to respond to data breaches, it’s all here.
Sources
- AON: ‘Top Risks Facing Professional Service Firms’, Article, November 2023
- BeyondTrust: ‘How Compromised Passwords Lead to Data Breaches’, Article, December 2023
- BRC: Crime Survey Report, 2024
- CISO Mag: ‘One in Three SMBs Rely on Free Cybersecurity Tools or Nothing’, Article, February 2020
- Code 42: Data Exposure Report, 2024
- CybSafe: ‘Only 1 in 10 Workers Remembers All Their Cyber Security Training’, Article, March 2023
- Enzoic: ‘Professional Services Firms are Vulnerable Targets’, Article, 2024
- Fastly: Global Security Research Report, 2023
- Fintech Times: ‘Financial Sector Under Siege…’, Article, November 2023
- Fortinet: Cybersecurity Skills Gap Global Research Report, 2023
- HBR: ‘Why Data Breaches Spiked in 2023’, Article, February 2024
- IBM: Consumer Attitudes Towards Data Privacy, Survey, 2019
- IBM: Cost of a Data Breach, Report, 2023
- Ironscales: ‘How Much Does Phishing Cost Businesses?’, Article, November 2022
- (ISC)²: Cyber Security Workforce Study, 2022
- IT Governance: Global Rate Breaches and Cyber Attacks in 2024, Article, May 2024
- IT Pro: ‘Cyber Attacks Surged in March…’, Article, April 2024
- Kroll: Data Breach Outlook, Report, February 2024
- Legal Dive: ‘Law Firm Security Breaches Are Fairly Common’, Article, January 2024
- Legal Futures: ‘Large Law Firms Experiencing Two Cyber Incidents a Month’, Article, October 2023
- Lloyd’s Register Foundation: World Risk Poll, Report, 2021
- NEBR Centre: ‘Cyber Security Threats in the Professional Services Sector’, Article, 2023
- PwC: Global Digital Trust Insights, Report, 2024
- Phriendly Phishing: ‘Top 5 Human Errors that Impact Cyber Security’, Article, 2023
- Ponemon Sullivan: Cost of Insider Risks, Report, 2023
- Proofpoint: State of the Phish, Report, 2024
- Retail Technology: ‘Retail Resilience: Defending Against Cyber Attacks in the Age of Digital Transformation’, Article, November 2023
- Security Magazine: ‘More Than 60% of Consumers Would Avoid a Retailer Post-Breach’, Article, 2023
- Securonix: Insider Threat Report, 2024
- SonicWall: Cyber Threat Report, 2024
- SOTI: The Technology Lifeline, Report, 2023
- Surfshark: Global Data Breach Statistics
- Surfshark: Leaked Data Point Statistics, April 2024
- Thales: Cloud Security Study, 2023
- UpGuard: ‘What is the Cost of a Data Breach in 2023?’, Article, October 2023
- Verizon: Data Breach Investigations Report, 2023
- Verizon: Data Breach Investigations Report, 2024
- Yahoo Business Wire: ‘Deep Instinct Study Finds Significant Increase in Attacks Fueled By Gen AI’, Article, August 2023