As more and more companies experience crippling security breaches, the wave of compromised data is on the rise. Data breach statistics show that hackers are highly motivated by money to acquire data, and that personal information is a highly valued type of data to compromise. It’s also apparent that companies are still not prepared enough for breaches even though they are becoming more commonplace.
We’ve compiled 98 data breach statistics for 2022 that also cover types of data breaches, industry-specific stats, risks, costs, as well as data breach defense and prevention resources. Hopefully, this will help organizations understand the importance of data security and how to better allocate their security budgets.
With 5,250 confirmed data breaches in 2021, we’ve outlined some of the most impactful security breaches of the past year. This data indicates the recency and widespread impact data breaches are having on global companies.
- On January 11, 2021, Ubiquiti Inc., a top technology manufacturer, alerted its customers of a data breach. The data exposed included email addresses, hashed and salted passwords, and customer names, addresses and phone numbers (IdentityForce).
- On February 18, 2021, the California Department of Motor Vehicles alerted drivers of a data breach that occurred when their billing contractor, Automatic Funds Transfer Services, was hit by a ransomware attack (IdentityForce).
- On March 23, 2021, Hobby Lobby's database, which contained more than 300,000 records, was exposed after the company suffered a cloud bucket misconfiguration (IdentityForce).
- On April 3, 2021, the personal data of 533 million Facebook users from 106 countries was posted online for free in a low-level hacking forum. The data included users’ phone numbers, full names, locations, email addresses and biographical information (IdentityForce).
- On April 6, 2021, more than 500 million LinkedIn user profiles were discovered on the dark web. LinkedIn account users’ data was scraped or imported from the website into a database including names, LinkedIn account IDs, email addresses, phone numbers and more (IdentityForce).
- On May 25, 2021, Bose Corporation disclosed a data breach following a ransomware attack. The personal information exposed in the attack included names, social security numbers, compensation information and other HR-related information (IdentityForce).
- On June 21, 2021, a third-party vendor accidentally posted an unsecured database containing more than one billion search records of CVS Health customers. The 204-GB leaked database was not password protected and included multiple records for medications, including COVID-19 vaccines and CVS products (IdentityForce).
- On September 14, 2021, an unsecured database belonging to GetHealth, a health and wellness data app, exposed more than 61 million records of Apple and Fitbit users’ data related to fitness trackers and wearables (IdentityForce).
- On November 22, 2021, California Pizza Kitchen revealed a data breach that exposed the personal details of more than 100,000 current and former employees. The company determined cyber criminals infiltrated its systems and gained access to certain files, including employee names and social security numbers (IdentityForce).
Cost of a Data Breach
It’s no secret that data breaches are costly for businesses. To calculate the average cost of a data breach, security institutes collect both the direct and indirect expenses suffered by the breached organization.
Direct expenses include forensic experts, hotline support, credit-monitoring subscriptions and potential settlements. Indirect costs include in-house investigations and communication, as well as customer turnover or diminished rates from a company’s impacted reputation after breaches. See below to find out just how expensive it is to experience a breach and what elements cause the cost to rise even more.
- The average total cost of a ransomware breach is $4.62 million, slightly higher than the average data breach of $4.24 million (IBM).
- The average per record (per capita) cost of a data breach increased by 10.3 percent from 2020 to 2021 (IBM).
- The average total cost for healthcare increased from $7.13 million in 2020 to $9.23 million in 2021, a 29.5 percent increase (IBM).
- In 2021, lost business opportunities represented the largest share of breach costs, at an average total cost of $1.59 million (IBM).
- The average cost of a breach with a lifecycle over 200 days is $4.87 million (IBM).
- 39 percent of costs are incurred more than a year after a data breach (IBM).
- In 2021, the United States was the country with the highest average total cost of a data breach, at $9.05 million (IBM).
- The average cost of a mega-breach in 2021 was $401 million for the largest breaches (50 – 65 million records), an increase from $392 million in 2020 (IBM).
- Annually, hospitals spend 64 percent more on advertising the two years following a breach (American Journal of Managed Care).
- The cost difference in breaches in which mature Zero Trust was deployed versus not was $1.76 million (IBM).
- The largest difference for breaches with a high level of compliance failures compared to a low level was $2.30 million (IBM).
Breaches by the Numbers
There are many factors to consider when preparing for and managing a data breach, such as the amount of time it takes to respond to a data breach and the reputational impact it has on your company. Read below to see how breaches happen, view average response times and learn other crucial information.
How Breaches Happen
- An average of 4,800 websites a month are compromised with formjacking code (Symantec).
- 34 percent of data breaches in 2018 involved internal actors (Verizon).
- 71 percent of breaches are financially motivated (Verizon).
- Ransomware accounts for nearly 24 percent of incidents in which malware is used (Verizon).
- 95 percent of breached records came from the government, retail and technology sectors in 2016 (TechRepublic).
- 36 percent of external data breach actors in 2019 were involved in organized crime (Verizon).
Average Response Time and Lifecycle
- It took an average of 287 days to identify a data breach (IBM).
- The average time to contain a breach was 80 days (IBM).
- Healthcare and financial industries had the longest data breach lifecycle — 329 days and 233 days, respectively (IBM).
- The data breach lifecycle of a malicious or criminal attack in 2020 took an average of 315 days (IBM).
- Microsoft Office files accounted for 48 percent of malicious email attachments (Symantec).
- From 2016 to 2018, the most active attack groups targeted an average of 55 organizations (Symantec).
- The global number of web attacks blocked per day increased by 56.1 percent between 2017 and 2018 (Statista).
- The number of data breaches in the U.S. has significantly increased within the past decade, from a mere 662 in 2010 to more than 1,000 by 2021 (Statista).
- In Q3 of 2018, office applications were the most commonly exploited applications worldwide (Statista).
- There was an 80 percent increase in the number of people affected by health data breaches from 2017 to 2019 (Statista).
- By stealing 10 credit cards per website, cybercriminals earn up to $2.2 million through formjacking attacks (Symantec).
Remote Work-Specific Data Breaches
As the world continues to work through the COVID-19 pandemic, businesses and industries fight to survive in every corner of the globe. The pandemic opened the pathway for cybercriminals who are able to target vulnerable victims in the healthcare industry, as well as those who are unemployed or working remotely. Here are a few of the most impactful data breach statistics related to the pandemic.
- The average total cost of a data breach was more than $1 million higher when working remote was a factor in causing the breach, compared to breaches in which working remote was not a factor (IBM).
- Organizations with more than 60 percent of employees working remotely had a higher average data breach cost than those without remote workers (IBM).
- When organizations did not adapt their IT to cope with the pandemic or make other similar changes, the average cost of a breach was $5.01 million, as compared to the global overall average of $4.24 million (IBM).
- Estimates show there were as many as 192,000 coronavirus-related cyberattacks per week in May 2020 alone, a 30 percent increase compared to April 2020 (Unisys).
- In 2021, 98 percent of point-of-sale data breaches in the hospitality industry were financially motivated (Verizon).
- Confirmed data breaches in the healthcare industry increased by 58 percent this year (Verizon).
- Web application breaches account for 43 percent of all breaches and have doubled since 2019 (Verizon).
- In May, 33,000 unemployment applicants were exposed to a data security breach through the Pandemic Unemployment Assistance program (NBC).
- A data breach of federal disaster loan applications impacted 8,000 small business owners after their applications were exposed (U.S. PIRG).
- Cyber scams increased by 400 percent in the month of March 2020, making COVID-19 the largest-ever security threat (Reed Smith).
Data Breach Risk
IBM’s Cost of a Data Breach Report found that the average cost of a data breach is $3.86 million and moving in an upward trend. This data in particular validates the importance of investing in preventative data security. See the data breach risk statistics below to help quantify the effects, motivations and causes of these damaging attacks.
- As of 2021, a financial services employee has access to 11 million files (Varonis).
- The average distributed denial of service (DDoS) attack grew to more than 26 Gbps, increasing in size by 500 percent (Nexusguard).
- In the first quarter of 2020, DDoS attacks rose more than 278 percent compared to Q1 2019, and more than 542 percent compared to the last quarter (Nexusguard).
- 9,637 attacks were between 10 Mbps and 30 Mbps (Nexusguard).
- More than 64 percent of financial service companies have 1,000-plus sensitive files accessible to every employee in 2021 (Varonis).
- On average in 2021, 70 percent of all sensitive data was considered stale (Varonis).
- 58 percent of companies found more than 1,000 folders that had inconsistent permissions (Varonis).
- Only five percent of a company’s folders are protected (Varonis).
- 59 percent of financial services companies have more than 500 passwords that never expire, and nearly 40 percent have more than 10,000 ghost users (Varonis).
- Small businesses account for 28 percent of data breach victims (Verizon).
- More than 80 percent of breaches within hacking involve brute force or the use of lost or stolen credentials (Verizon).
- A cyberattack occurs every 39 seconds (University of Maryland).
- The larger the data breach, the less likely the organization will have another breach in the following two years (IBM).
- Human error causes 23 percent of data breaches (IBM).
- 62 percent of breaches not involving an error, misuse or physical action involved the use of stolen credentials, brute force or phishing (Varonis).
In the rapidly evolving field of data security, it’s vital that business owners stay informed of all potential issues. Below are the projected cybersecurity incidents that may occur in the coming years.
- By 2025, cybercrime is estimated to cost $10.5 trillion globally, increasing by 15 percent year over year (Cybersecurity Ventures).
- Attackers will zero in on biometric hacking and expose vulnerabilities in touch ID sensors, facial recognition and passcodes (Experian).
- Skimming isn’t new, but the next frontier could feature an enterprise-wide attack on a national network of a major financial institution, resulting in the loss of millions of dollars (Experian).
- It is predicted that a major wireless carrier will be attacked with a simultaneous effect on both iPhones and Androids. Cybercriminals could steal personal information from millions of consumers, possibly disabling all wireless communications in the United States (Experian).
- A cloud vendor may suffer a breach, compromising the sensitive information of hundreds of Fortune 1,000 companies (Experian).
- The online gaming community will be an emerging hacker surface, with cybercriminals posing as gamers and gaining access to the computers and personal data of trusting players (Experian).
Historical Data Breach Statistics
Some of the biggest data breaches recorded in history are from 2005 and on. Once governments and businesses moved from paper to digital storage, data breaches became more commonplace.
In 2005 alone, there were 136 data breaches reported by the Privacy Rights Clearinghouse, and more than 4,500 data breaches have been made public since then. However, it’s reasonable to believe the actual number of data breaches is likely much higher, as some of the data breaches reported by the Privacy Rights Clearinghouse have unknown numbers of compromised records. The 2014 Verizon Data Breach Investigation alone reported 2,100 data breaches, with 700 million exposed records.
Below, we have provided a list of data breach statistics that led up to and launched the age of data infiltration.
- The first computer virus, known as Creeper, was discovered in the early 1970s (History of Information).
- In 2005, the Privacy Rights Clearinghouse began its chronology of data breaches (Symantec).
- The first-ever data breach in 2005 (DSW Shoe Warehouse) exposed more than one million records (Symantec).
- The largest insider attack occurred between 1976 and 2006 when Greg Chung of Boeing stole $2 billion worth of aerospace documents and gave them to China (NBC).
- AOL was the first known victim of phishing attacks in 1996 (Phishing).
- As of 2015, 25 percent of global data required security but was not protected (Statista).
- In 2017, one of the three major U.S. credit reporting agencies, Equifax, accidentally exposed 145.5 million accounts, including names, social security numbers, dates of birth, addresses and, in some cases, driver’s license numbers of American consumers (Symantec).
- Social media data breaches accounted for 56 percent of data breaches in the first half of 2018 (ITWeb).
- Over the past 10 years, there have been 300 data breaches involving the theft of 100,000 or more records (Forbes).
- The United States saw 1,244 data breaches in 2018 and had 446.5 million records exposed (Statista).
- Data breaches exposed 4.1 billion records in the first six months of 2019 (Forbes).
- As of 2019, cyberattacks are considered among the top five risks to global stability (World Economic Forum).
Largest Recorded Data Breaches
Data breaches are becoming more and more common, and some of the most recent data breaches have been the largest on record. Here’s a look at the largest data breaches in history.
- Yahoo holds the record for the largest data breach of all time, with three billion compromised accounts (Statista).
- In 2019, First American Financial Corp. had 885 million records exposed online, including bank transactions, social security numbers and more (Gizmodo).
- In 2019, Facebook had 540 million user records exposed on the Amazon cloud server (CBS).
- In 2018, a Marriott International data breach affected roughly 500 million guests (New York Times).
- In 2016, the AdultFriendFinder network was hacked, exposing 412 million users’ private data (ID Strong).
- Experian-owned Court Ventures inadvertently sold information directly to a Vietnamese fraudster service, involving as many as 200 million records (Forbes).
- In 2017, data of almost 200 million voters leaked online from Deep Root Analytics (CNN).
- In 2014, eBay was hacked, resulting in access to 145 million records (Yahoo).
- In 2008 and 2009, Heartland Payment Systems suffered a data breach, resulting in the compromise of 130 million records (Tom’s Guide).
- In 2007, a security breach at TJX Companies Inc. compromised 94 million records (Information Week).
- In 2015, Anthem experienced a breach that compromised 80 million records (Anthem).
- In 2013, Target confirmed a breach that compromised 70 million records (KrebsOnSecurity).
There are various proactive approaches you can take to lower your chances of experiencing a breach. Identifying cybersecurity risks to your data is a good place to start. See how companies are shifting their budgets and priorities to protect their assets and customers from cyberattacks.
- 63 percent of companies have implemented a biometric system or plan to implement one (Veridium).
- 17 percent of IT security professionals reported information security as the largest budget increase for 2018 (ZDNet).
- 80 percent of organizations intended to increase security spending for 2018 (ZDNet).
- It was predicted that global cybersecurity spending would exceed $1 trillion cumulatively between 2017 and 2021 (Cybersecurity Ventures).
- Worldwide, IT security spending in 2019 was projected to grow 8.7 percent compared to 2018 (Gartner).
- For the first time since 2013, ransomware declined 20 percent overall but was up by 12 percent for enterprise companies (Symantec).
- Budget allocation to hardware-based security services, which generally lack both portability and the ability to effectively function in virtual infrastructure, has fallen from 20 percent in 2015 to 17 percent (451 Research).
- MSSPs, which can replicate certain security operational functions, saw modest budget allocation growth at the end of 2017 to 14.7 percent, but security professionals expected that stake would grow to 17.3 percent by 2021 (451 Research).
Definition of a Data Breach
A data breach is any incident in which confidential or sensitive information has been accessed without permission. Note: data does not have to have been exfiltrated from the network to be considered a breach. Breaches are the result of a cyberattack by criminals who gain unauthorized access to a computer system or network. They then steal the private, sensitive, or confidential personal and financial data of the customers or users contained within.
Common cyberattacks used in data breaches are:
The Origin of Data Breaches
Although data breaches seem more prevalent nowadays because of cloud computing and increased digital storage, they have existed as long as companies have maintained confidential information and private records. However, publicly-disclosed data breaches increased in frequency in the 1980s, and awareness of data breaches grew in the early 2000s.
According to the Office of Inadequate Security, in 1984 the global credit information corporation known as TRW (now called Experian) was hacked and 90 million records were stolen. In 1986, 16 million records were stolen from the Canada Revenue Agency.
Most public information on data breaches only dates back to 2005. In 2020, multiple surveys showed that more than half of Americans were concerned about data breaches during natural disasters, as well as personal safety resulting from the pandemic. Data breaches today tend to impact millions of consumers in just one companywide attack.
How do Data Breaches Occur?
A data breach occurs when a cybercriminal infiltrates a data source and extracts confidential information. This can be done by accessing a computer or network to steal local files or by bypassing network security remotely. While most data breaches are attributed to hacking or malware attacks, other breach methods include insider leaks, payment card fraud, loss or theft of a physical hard drive of files, and human error. The most common cyber attacks used in data breaches are outlined below.
Ransomware is software that gains and locks down access to vital data. Data is encrypted in files and systems, and a fee — commonly in the form of cryptocurrency — is demanded to regain access to them.
Common Target: Enterprise companies and businesses
Malware, commonly referred to as “malicious software,” is a term that describes any program or code that harmfully probes systems. Malware is designed to infect your computer and commonly masquerades as a warning against harmful software. The fake warning attempts to convince users to download varying types of software, and while it does not damage the physical hardware of systems, it can steal, encrypt or hijack computer functions.
Malware can penetrate your computer when you are navigating hacked websites, downloading infected files, or opening emails from a device that lacks anti-malware security.
Common Target: Individuals and businesses
Phishing scams are one of the most common ways hackers gain access to sensitive or confidential information. Phishing involves sending fraudulent emails that appear to be from a reputable company, with the goal of deceiving recipients into either clicking on a malicious link or downloading an infected attachment, usually with the intent of stealing financial or confidential information.
Common Target: Individuals and businesses
Denial of Service (DoS)
Denial of Service is a cyber attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the internet. It is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
Common Target: Sites or services hosted on high-profile web servers, such as banks
Data Breach Defense + Prevention Resources
Companies need to examine lessons from the GDPR and update their data governance practices as more iterations are expected in the coming years. It’s crucial to properly set permissions on files and remove stale data.
Keeping data classification and governance up to par is instrumental to maintaining compliance with data privacy legislation like HIPAA, SOX, ISO 27001 and more. Today, modern solutions offer great protection and a more proactive approach to security to ensure the safety of sensitive information.
The following resources offer additional information on the improvement of data protection and tips for data breach prevention.
- Varonis Red Alert Data Breach Report
- Varonis 2021 Financial Data Risk Report
- Verizon’s Data Breach Investigations Report (DBIR)
- IBM’s 2020 Cost of a Data Breach Report
- DataLossDB, maintained by the Open Security Foundation
- Ponemon Institute
- Data Breach Risk Calculator
- Identity Theft Resource Center
- RiskBased Mid-Year Data Breach Report
Data Breach Insurance Types
In order to mitigate the risk that comes along with data loss, many companies are now purchasing data breach insurance to support their data breach prevention and mitigation plans. Data breach insurance helps cover the costs associated with a data security breach. It can be used to support and protect a wide range of components, such as public relations crises, protection solutions and liability. It may also cover any legal fees accumulated from the breach.
Common types of data breach insurance are:
With many different kinds of consequences that occur due to a data breach, significant time and money will be spent to recover. From recovering data to notifying stakeholders, first-party insurance covers the following:
- Investigating costs
- Notifying all affected parties
- Fielding inquiries
- Tools to help affected parties
Third-party insurance is primarily used by contractors and IT professionals to lessen their liability. The covered expenses may include things such as the following:
- Lawyers’ fees
- Judgments and liability
- Other court costs such as witness fees, docket fees, etc.
Data Breach Statistics FAQs
Below are some of the most frequently asked questions about data breaches with answers supported by data breach statistics and facts.
How many data breaches occur?
A: The Privacy Rights Clearinghouse keeps a chronology of data and public security breaches dating back to 2005. The actual number of data breaches is not known. The Privacy Rights Clearinghouse estimated that there have been 9,044 public breaches since 2005; however, more can be presumed since the organization does not report on breaches where the number of compromised records is unknown.
What was the biggest data breach in history?
A: Yahoo holds the record for the largest data breach of all time with 3 billion compromised accounts (Statista).
How many data breaches were there in 2020?
A: There were 3,950 confirmed data breaches in 2020 (Verizon).
How much does a data breach cost?
A: As of 2020, the average total cost of a data breach is $3.86 million (IBM).
What is the average size of a data breach?
A: 25,575 records (IBM).
Regardless of industry, there’s no question that data security and defense is highly valuable for companies in the digital economy we live in. Assess your business’s cybersecurity risk to make company-wide changes and improve overall security behavior.
Avoid being a data breach statistic by doing everything possible to protect your business from experiencing a breach. For more information on data security platforms learn how data protection solutions could positively impact your business.
Rob Sobers is a software engineer specializing in web security and is the co-author of the book Learn Ruby the Hard Way.