Data Breach Statistics By Types, Attacks, Industry, Geography, Customers and Facts
Joseph D'Souza
Updated · Jan 02, 2025
TABLE OF CONTENTS
- Introduction
- Editor’s Choice
- General Data Breach Statistics
- Types of Data Breach Statistics
- Share Of Data Breach Attacks Statistics By Industry
- Average Cost of Data Breach Statistics by Industry
- By Geography
- Top 10 Data Breach Statistics by Organizations, 2024
- Total Number Of Breached User Accounts Statistics
- Data Breach Cost Statistics
- Data Breach Because of Remote Working
- Data Breach Risk Statistics
- Historical Data Breach Statistics
- Mean Time to Identify and Contain Data Breaches Statistics
- Top Data Breach Statistics by Customers
- By Age Group, 2024
- US’s Biggest Data Breach Statistics by Impacts
- Top Causes of Security and Data Breach Statistics
- Factors Responsible for Undetected Breaches
- Conclusion
Introduction
Data Breach Statistics: Data breaches are known as unauthorized exposures of sensitive data, such as theft of individuals’ or organizations’ data. These incidents also include the theft of personal details, financial information, and confidential business data by cybercriminals seeking profit or disrupting services. The prevalence of digital data has made breaches more common, with attacks becoming increasingly sophisticated each year.
In addition to financial losses, data breaches can lead to reputational damage, legal repercussions, and loss of customer trust. In recent years, businesses and individuals have been heavily dependent on digital platforms; thus, strengthening cybersecurity measures is critical to safeguarding information and mitigating the risks associated with data breaches.
Editor’s Choice
- As of May 2024, the data breach report reveals that around 35,900,145,035 records were breached in 9,478 publicly disclosed incidents.
- Data Breach Statistics show that in 2024, the IT services and software industry secured the highest number of data breaches, 5,401,989,001.
- Meanwhile, the average global cost of a data breach will reach around USD 4.88 million by the end of 2024, representing a 10% increase from the previous year.
- During the same period, healthcare organizations continued to face significant challenges, with breach costs averaging USD 9.77 million.
- Similarly, Ransomware incidents have surged, with the average cost of recovery reaching USD 2.73 million in 2024.
- By the end of the year, approximately 15% of data breaches will involve supply chain compromises, up from 4% in 2020.
- Data Breach Statistics further elaborates that around 82% of data breaches involved data stored in the cloud for robust cloud security measures.
- The average time to identify a breach is 194 days, with a total lifecycle of 292 days from identification to containment.
- Moreover, human error remains a leading cause, contributing to 88% of cybersecurity breaches.
You May Also Like To Read
- Augmented Reality Statistics
- Metaverse Statistics
- Virtual Reality Statistics
- Quantum Computing Statistics
- Biometrics Statistics
- Ransomware Statistics
- Robocalls Statistics
- Data Breach Statistics
- Laptop Statistics
- Desktops Statistics
- Smartphone Statistics
- VoIP Statistics
General Data Breach Statistics
- Data breaches involving multiple environments have become the biggest concern in 2024, with 40% of breaches affecting data stored across various platforms.
- However, the highest average cost is USD 5.17 million per incident.
- As of 2024, organizations implementing AI and automation in their security protocols have saved USD 2.22 million per data breach.
- In the past year, 53% of companies reported experiencing data breaches linked to third-party vendors.
- To date, 64% of organizations claimed that web-based attacks have become a prevalent threat in the digital landscape.
- Data Breach Statistics also report that by the end of 2025, the annual cost of cybercrime will reach USD 10.5 trillion, reflecting a 15% annual increase from 2024.
- Yahoo experienced a data breach that compromised approximately 3 billion user accounts.
- In 2024, the average breach cost of USD 4.99 million worldwide.
- In 2021, the average cost of a “mega breach” remains between 50 million and 65 million records, resulting in USD 401 million.
Types of Data Breach Statistics
- Hacking/IT Incidents will account for approximately 45% of all data breaches in 2024.
- Similarly, phishing and social engineering contributed to about 22% of breaches.
- Other types of data breach share are stated as ransomware attacks (15%), insider threats (10%), and physical theft or loss (5%).
(Reference: secureframe.com)
- The manufacturing industry was the sector most affected by data breaches in 2024, with a 25.7% share.
- The next two industries impacted by data breaches are Finance and insurance (18.2%) and Professional, Business, and Consumer Services (15.4%).
- Data Breach Statistics state that the other industries with the highest shares of data breach attacks are Energy (11.1%), Retail and wholesale (10.7%), Healthcare (6.3%), Government (4.3%), Transportation (4.3%), Education (2.8%), and Media and telecommunications (1.2%).
Average Cost of Data Breach Statistics by Industry
- By the end of 2024, the healthcare industry will account for the highest average cost of a data breach, USD 10.93 million.
- The second and third-highest industries with data breach costs are financial (USD 5.9 million) and pharmaceuticals (USD 4.82 million).
Data Breach Statistics also elaborate on other industries’ average cost of data breaches in 2024 are mentioned below:
| Industry | Average Cost of Data Breach (USD Million) |
| Energy | 4.78 |
| Industrial | 4.73 |
| Technology | 4.66 |
| Professional Services | 4.47 |
| Transportation | 4.18 |
| Communications | 3.9 |
| Consumer | 3.8 |
| Education | 3.65 |
| Entertainment | 3.62 |
| Media | 3.58 |
| Hospitality | 3.36 |
| Retail | 2.96 |
| Public Sector | 2.6 |
By Geography
- It is estimated that in 2024, the United States of America will experience the highest average cost of data breaches, accounting for USD 9.48 million, followed by the Middle East region with USD 8.07 million.
The average costs of other geographical areas’ data breaches are represented as
| Country | Average Costs (USD million) |
| Canada | 5.13 |
| Germany | 4.67 |
| Japan | 4.52 |
| United Kingdom | 4.21 |
| France | 4.08 |
| Italy | 3.86 |
| Latin America | 3.69 |
| South Korea | 3.48 |
| South Africa | 2.79 |
| Australia | 2.7 |
| India | 2.18 |
| Scandinavia | 1.91 |
| Brazil | 1.22 |
Top 10 Data Breach Statistics by Organizations, 2024
| Months | Sector | Name of Organization | Location | Number of Breaches |
| January | Multiple | MOAB (mother of all breaches) | Many | >26,000,000,000 |
| Public | Far Eastern Research Center for Space Hydrometeorology | Russia | 2,000,000,000,000,000 | |
| Telecoms | Indian Mobile Network Consumer Database | India | 750,000,000 | |
| Telecoms | Telekom Malaysia | Malaysia | 200,000,000 | |
| – | Unknown Brazilian Organization | Brazil | >223,000,000 | |
| February | Telecoms | Zenlayer | USA | 384,658,212 |
| Professional Services | Pure Incubation | USA | 183,754,481 | |
| March | Multiple | 916 Google Firebase websites | USA | 124,605,664 |
| April | IT services and software | Discord (via Spy. pet) | USA | 4,186,879,104 |
| IT services and software | Baidu, Inc., Honor, Huawei, iFlytek, OPPO, Samsung Electronics, Tencent, Vivo and Xiaomi Technology | China | Up to 1,000,000,000 |
Total Number Of Breached User Accounts Statistics
(Reference: statista.com)
- A Statista report analyses the data and reports that in the third quarter of 2024, around 422.61 million accounts were breached globally.
- The total number of user accounts exposed in the first and second quarters of the year was 485.48 billion and 215.43 million, respectively.
- In the year 2023, the total number of user-breached accounts was Q1 (449.28 million), Q2 (146.33 million), Q3 (37.66 million), and Q4 (81.25 million).
You May Also Like To Read
- iPhone Vs. Android Statistics
- Google Pixel Smartphones Statistics
- iPhone vs Android Users Statistics
- Mesh Wi-Fi System Statistics
- Robots Statistics
- Western Digital Statistics
- Cloud Gaming Service Statistics
- Virtual Reality Headset Statistics
- AI in Robotics Statistics
- 3D Printers Statistics
- Smart City Statistics
- 3D Printing Statistics
Data Breach Cost Statistics
- The average total cost of a data breach in 2024 is USD 4.88 million.
- The average cost of a mega-breach involving 50 to 60 million records in 2024 is USD 375 million, reflecting a USD 43 million increase from 2023.
- The United States has the highest average total cost of a data breach in 2024, at USD 9.36 million, followed by the Middle East at USD 8.75 million.
- The average cost of a data breach with a lifecycle exceeding 200 days is USD 5.46 million.
- Detection and escalation costs in 2023 account for the largest share of breach costs, averaging USD 1.58 million.
- Organizations with a high level of noncompliance experience an average data breach cost of USD 5.05 million, which is 12.6% higher than the average.
- Healthcare data breaches remain the most expensive for 14 consecutive years, with an average cost of USD 9.77 million in 2024, a 10.6% decrease from the previous year.
- Phishing attacks incur an average cost of USD 4.88 million in 2024, slightly lower than the prior year.
- The average per-record cost of a data breach is USD 165, which is USD 1 higher than in 2022.
- Hospitals spend 64% more on advertising in the two years following a data breach (American Journal of Managed Care).
- 51% of data breach costs are incurred in the first year following the breach.
Data Breach Because of Remote Working
- Cyber scams increased by 400% in March 2020, making COVID-19 the largest-ever security threat.
- The average total cost of a data breach was USD 173,074 higher when a remote workforce was a factor in causing the breach.
- 91% of cybersecurity professionals reported an increase in cyberattacks due to remote working.
- Web application breaches account for 25% of all breaches, primarily involving stolen credentials and vulnerabilities.
Data Breach Risk Statistics
- The average cost of a data breach is USD 3.86 million, and this figure is trending upward.
- A cyberattack is projected to occur every 39 seconds.
- 81% of confirmed breaches in 2022 were due to weak, reused, or stolen passwords.
- 62% of breaches not involving an error, misuse, or physical action were caused by stolen credentials, brute force, or phishing.
- Nearly three-quarters of US small business owners reported experiencing a cyber-attack in 2022.
- The complexity of a security system has the biggest impact on the total cost of a data breach.
- 59% of financial services companies have more than 500 passwords that never expire, and nearly 40% have more than 10,000 ghost users.
- More than 64% of financial services companies have over 1,000 sensitive files accessible to every employee.
- On average, a financial services employee had access to 11 million files as of 2021.
- 58% of companies found more than 1,000 folders with inconsistent permissions.
- On average, 70% of all sensitive data in 2021 was considered stale.
- Only 5% of a company’s folders are protected.
- The most common distributed denial of service (DDoS) attack vectors in 2022 were NTP amplification, memcached, and UDP attacks.
- The average distributed denial of service (DDoS) attack lasted 68 minutes in 2023.
- Larger data breaches make organizations less likely to experience another breach in the following two years.
Historical Data Breach Statistics
- Cam4 recorded the largest data breach in history, with 10 billion user accounts compromised.
- In 2013, Yahoo suffered a massive data breach that affected all 3 billion of its user accounts.
- In 2019, First American Financial Corporation exposed 885 million records online, including sensitive data such as bank transactions and Social Security numbers.
- Facebook experienced a data breach in 2019, where 540 million user records were found exposed on an unsecured Amazon cloud server.
- In 2018, Marriott International disclosed a breach that impacted around 500 million guests, revealing personal details such as names, addresses, and phone numbers.
- The AdultFriendFinder network was hacked in 2016, compromising the private information of 412 million users.
- A data leak in 2017 from Deep Root Analytics revealed the personal information of nearly 200 million voters.
- Experian-owned Court Ventures accidentally sold access to a database containing up to 200 million records to a fraudulent Vietnamese service.
- Equifax disclosed a major breach in 2017, which exposed the personal details of 145.5 million accounts, including Social Security numbers, birthdates, and driver’s license information.
- In 2014, eBay was hacked, resulting in unauthorized access to 145 million user accounts.
- Heartland Payment Systems suffered a data breach between 2008 and 2009, compromising 130 million payment card records.
- A security breach at TJX Companies Inc. in 2007 led to the exposure of 94 million records, including credit and debit card details.
- In 2015, Anthem was targeted in a cyberattack that compromised 80 million health insurance records.
- Target experienced a breach in 2013 that exposed the personal details of 70 million customers.
- Data breaches in the first six months of 2019 alone resulted in the exposure of 4.1 billion records worldwide.
- Social media platforms accounted for 56% of all data breaches in the first half of 2018, highlighting the vulnerability of online social networks.
- In 2022, the United States reported 1,802 data breaches, with 422.14 million records being exposed.
- The largest insider attack occurred between 1976 and 2006 when Greg Chung, a Boeing employee, stole documents worth USD 2 billion related to aerospace technology and passed them to China.
- In 2005, the first data breach reported by the Privacy Rights Clearinghouse involved DSW Shoe Warehouse, exposing more than 1 million customer records.
- AOL was the first company targeted by phishing attacks in 1996, marking the beginning of modern online fraud.
- The Creeper virus, discovered in the early 1970s, was the first known computer virus and spread across connected systems.
- Cyberattacks are now considered one of the top 10 risks to global stability, affecting economies, governments, and individuals alike.
Mean Time to Identify and Contain Data Breaches Statistics
(Reference: statista.com)
- As mentioned in Data Breach Statistics in 2024, the average time to identify data breaches was 194 days, reflecting a 4% reduction from the previous year.
- Meanwhile, the average time companies required to contain breaches was 64 days.
- In 2023, the mean time to identify and contain data breaches was 204 days and 73 days, respectively.
You May Also Like To Read
- Network Attached Storage (NAS) Statistics
- Hacking Statistics
- Augmented Reality Glasses Statistics
- Virtual Reality Treadmill Statistics
- Uninterruptible Power Supply Devices (UPS) Statistics
- Social Engineering Statistics
- Podcast Statistics
Top Data Breach Statistics by Customers
- In March 2024, AT&T disclosed a significant data breach affecting approximately 7.6 million current and 65.4 million former customers, totaling around 73 million individuals.
Furthermore, the total number of breached customers based on different services is explained in the table below for 2024:
| Apps/Services | Number of breached customers |
| MOVEit | 77 million |
| Ticketmaster Entertainment, LLC | 560 million |
| Tile | 450,000 |
| Dell | 49 million |
| Bank of America | 57,000 |
By Age Group, 2024
| Age (years) | Data Breach Victim Share | Financial Loss Per Victim |
| 40 to 59 | 40% | USD 2,000 |
| 20 to 39 | 35% | USD 1,500 |
| 60 & above | 20% | USD 2,500 |
| 20 & below | 5% | USD 1,000 |
US’s Biggest Data Breach Statistics by Impacts
| Organizations | Number of Breaches |
| Yahoo | More than 3 billion user accounts |
| Microsoft | 30,000 American and 60,000 global companies |
| Real Estate Wealth Network | 1.5 billion records |
| First American Financial Corp. | 885 million file |
| Over 700 million user | |
| 530 million users | |
| FriendFinder Networks | 412 million accounts |
| MySpace | 360 million accounts |
| JPMorgan Chase | 76 million households and 7 million small businesses |
| Home Depot | 56 million payment card numbers and 53 million email addresses |
Top Causes of Security and Data Breach Statistics
(Source: truelist.com)
- Data Breach Statistics show that almost 85% of data breaches involve a human element.
- Similarly, the top causes of security breaches and data breaches are 61% (involving within credentials), 13% (Ransomware’s non-DoS incidents), and 3% (vulnerability exploitation).
Factors Responsible for Undetected Breaches
- Advanced Persistent Threats (APTs): Cybercriminals employ sophisticated, stealthy techniques to infiltrate systems and remain undetected for extended periods.
- Insufficient Monitoring and Logging: According to a 2024 report, organizations take an average of 204 days to identify a data breach.
- Human Error: In the same duration, human error will account for 88% of data breaches.
- Complex IT Environments: Around 40% of data breaches involved data stored across multiple environments.
- Resource Constraints: In 2024, 50% of organizations spent only 6% to 15% of their security budget on data security.
Conclusion
Data breaches are still a critical concern in 2024 due to the increasing number of online incidents that impact both individuals and organizations. The costs associated with breaches continue to rise, driven by factors like sophisticated cyberattacks, multi-environment vulnerabilities, and high-risk insider threats. Considering age-specific trends, young adults and middle-aged individuals are seen to remain mostly active internet users and thus become victims easily.
In contrast, older adults often suffer higher financial losses due to less knowledge about digital security advancements. Thus, organizations are now mitigating all data breach threats by implementing AI-driven security tools, increasing employee training, and focusing on robust data protection practices. This article on Data Breach Statistics Addressing these vulnerabilities is essential for safeguarding personal and corporate information.
Sources
FAQ.
How do data breaches happen?
Data breaches happen when hackers steal sensitive data by exploiting weak security, using malware, phishing, or insider leaks within companies.
What information is commonly stolen in a data breach?
A data breach commonly involves the theft of names, emails, phone numbers, addresses, Social Security numbers, and financial account details.
What should I do if my data has been breached?
If your data was breached, change passwords, monitor accounts closely, enable alerts, and consider identity theft protection services immediately.
How can companies prevent data breaches?
Companies can prevent data breaches by using strong passwords, training employees, updating software, monitoring systems, and limiting data access.
Joseph D'Souza
Joseph D'Souza started Coolest Gadgets in 2005 to share his love for tech gadgets. It has since become a popular tech blog, famous for detailed gadget's reviews and companies statistics. Joseph is committed to providing clear, well-researched content, making tech easy to understand for everyone. Coolest Gadgets is a trusted source for tech news, loved by both tech fans and beginners.
