As more and more companies experience crippling security breaches, the wave of compromised data is on the rise. Data breach statistics show that hackers are highly motivated by money to acquire data, and that personal information is a highly valued type of data to compromise. It’s also apparent that companies are still not prepared enough for breaches even though they are becoming more commonplace.
In fact, the 2019 Data Risk Report found that companies still keep thousands of files unprotected and open for anyone inside the company to access. Let’s take a look back at some of the most impactful and damaging data breach statistics on record and take a deep dive into the origin of data breaches.
We’ve compiled 107 data breach statistics for 2020 that also cover types of data breaches, industry-specific stats, risks, costs, as well as data breach defense and prevention resources. Hopefully, this will help organizations understand the importance of data security and how to better allocate their security budgets.
- Origin of Data Breaches
- How Data Breaches Occur
- 2020 Infographic
- Defense + Prevention Resources
- Data Breach Statistic FAQ
What is a Data Breach?
A data breach is any incident where confidential or sensitive information has been accessed without permission. Breaches are the result of a cyberattack where criminals gain unauthorized access to a computer system or network and steal the private, sensitive, or confidential personal and financial data of the customers or users contained within.
The U.S. Department of Justice defines a breach as “the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, access for an unauthorized purpose, or other unauthorized access, to data, whether physical or electronic.”
Common cyber attacks used in data breaches are:
The Origin of Data Breaches
Although data breaches seem more prevalent nowadays due to cloud computing and increased digital storage, they have existed as long as companies have maintained confidential information and private records. However, publicly disclosed data breaches increased in frequency in the 1980s and awareness of data breaches grew in the early 2000s.
According to the Office of Inadequate Security website, in 1984 the global credit information corporation known as TRW (now called Experian) was hacked and 90 million records were stolen. In 1986, 16 million records were stolen from Revenue Canada.
Most public information on data breaches only dates back to 2005. In 2019, surveys showed that over half of Americans were concerned about data breaches in the healthcare industry, making data security a top concern for consumers and companies. Data breaches today tend to impact millions of consumers in just one attack on a company.
In a recent data breach literacy survey that ran in October 2019, Varonis found that 64% of Americans have never checked to see if they were affected by any major data breach. 56% said they wouldn’t know what to do if their information was involved in a data breach.
How Do Data Breaches Occur?
A data breach occurs when a cybercriminal infiltrates a data source and extracts confidential information. This can be done by accessing a computer or network to steal local files or by bypassing network security remotely. While most data breaches are attributed to hacking or malware attacks, other breach methods include insider leaks, payment card fraud, loss or theft of a physical hard drive of files and human error. The most common cyber attacks used in data breaches are outlined below.
Ransomware
Ransomware is software that gains access to vital data and locks it down. Files and systems are locked and a fee is demanded, commonly in the form of cryptocurrency.
Common Target: Enterprise companies and businesses
Malware
Malware, commonly referred to as “malicious software,” is a term that describes any program or code that harmfully probes systems. The malware is designed to harm your computer or software and commonly masquerades as a warning against harmful software. The “warning” attempts to convince users to download varying types of software, and while it does not damage the physical hardware of systems, it can steal, encrypt or hijack computer functions.
Malware can penetrate your computer when you are navigating hacked websites, downloading infected files or opening emails from a device that lacks anti-malware security.
Common Target: Individuals and businesses
Phishing
Phishing scams are one of the most common ways hackers gain access to sensitive or confidential information. Phishing involves sending fraudulent emails that appear to be from a reputable company, with the goal of deceiving recipients into either clicking on a malicious link or downloading an infected attachment, usually to steal financial or confidential information.
Common Target: Individuals and businesses
Denial of Service (DoS)
Denial of Service is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. It is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
Common Target: Sites or services hosted on high-profile web servers such as banks
Historical Data Breach Statistics
Some of the biggest data breaches recorded in history were from 2005 or later. Once governments and businesses moved from paper to digital, data breaches became more commonplace.
In 2005 alone there were 136 data breaches reported by the Privacy Rights Clearinghouse and more than 4,500 data breaches have been made public since then. However, it is fair to believe the actual number of data breaches is likely higher since some of the data breaches that the Privacy Rights Clearinghouse reports on have unknown numbers of compromised records. The 2014 Verizon Data Breach Investigation alone reported on 2,100 data breaches where 700 million records were exposed.
Below we have provided a list of data breach statistics that led up to and launched the age of data infiltration.
- The first computer virus, known as “The Creeper,” was discovered in the early 1970s (History of Information).
- In 2005 the Privacy Rights Clearinghouse began its chronology of data breaches (Symantec).
- 2005 is the year the first data breach (DSW Shoe Warehouse) exposed more than 1 million records (Symantec).
- The largest insider attack occurred from 1976 to 2006 when Greg Chung of Boeing stole $2 billion worth of aerospace documents and gave them to China (NBC).
- AOL was the first victim of phishing attacks in 1996 (Phishing).
- As of 2015, 25% of global data required security but was not protected (Statista).
- In 2017, Equifax, one of the three major U.S. credit reporting agencies, exposed 145.5 million accounts including names, Social Security numbers, dates of birth, addresses, and, in some cases, driver’s license numbers of American consumers (Symantec).
- Social media data breaches accounted for 56% of data breaches in the first half of 2018 (IT Web).
- Over the past 10 years, there have been 300 data breaches involving the theft of 100,000 or more records (Forbes).
- The United States saw 1,244 data breaches in 2018 and had 446.5 million exposed records (Statista).
- Data breaches exposed 4.1 billion records in the first six months of 2019 (Forbes).
- As of 2019, cyber-attacks are considered among the top five risks to global stability (World Economic Forum).
Largest Data Breaches in History + Other Examples
Data breaches are becoming more and more common and some of the most recent data breaches have been the largest on record to date. Here’s a look at the largest data breaches in history.
- Yahoo holds the record for the largest data breach of all time with 3 billion compromised accounts (Statista).
- In 2019, First American Financial Corp. had 885 million records exposed online including bank transactions, social security numbers and more (Gizmodo).
- In 2019, Facebook had 540 million user records exposed on the Amazon cloud server (CBS).
- In 2018, the Marriott International data breach affected roughly 500 million guests (New York Times).
- In 2016, for reasons of poor security, Adult Friend Finder Network was hacked, exposing 412 million users’ private data (Zero Day).
- Experian-owned Court Ventures sold information directly to a Vietnamese fraudster service involving as many as 200 million records (Forbes).
- In 2017, data of almost 200 million voters leaked online from Deep Root Analytics (CNN).
- In 2014, eBay was hacked and 145 million records were accessed (Yahoo).
- In 2008 and 2009, Heartland Payment Systems suffered a data breach resulting in the compromise of 130 million records (Tom’s Guide).
- In 2007, the security breach at T.J. Maxx Companies Inc. compromised 94 million records (Information Week).
- In 2015, Anthem experienced a breach that compromised 80 million records (Anthem).
- In 2013, Target confirmed a breach that compromised 70 million records (KrebsOnSecurity).
Recent Data Breaches + Statistics
With 2,013 confirmed data breaches in 2019, we’ve outlined some of the most recent and impactful security breaches of the year. This data shows how recent and widespread the impact of data breaches on sensitive information is.
- On January 16, 2019, a flaw within the popular video game Fortnite exposed players to being hacked. The game has 200 million users worldwide, 80 million of whom are active each month (IdentityForce).
- On March 21, 2019, Facebook admitted that since 2012 it has not properly secured the passwords of as many as 600 million users (IdentityForce).
- On April 2, 2019, personal information of current and former faculty, students, staff and student applicants of Georgia Tech was accessed by a hacker through a central database. The database affected by the breach contained names, addresses, Social Security Numbers and birth dates of 1.3 million individuals and was the university’s second breach in less than a year (IdentityForce).
- Microsoft admitted a data breach of its non-corporate email services. The breach, which lasted from January 1 to March 28, 2019, allowed hackers to access email accounts by misusing Microsoft’s customer support portal (IdentityForce).
- On May 20, 2019, more than 49 million Instagram influencers, celebrities, and brands had their private contact information exposed after an India-based social media marketing company left the data unprotected on an Amazon Web Services database (IdentityForce).
- On September 27, 2019, food delivery service DoorDash confirmed a data breach through a third-party vendor, exposing the information of 4.9 million customers, delivery workers, and merchants (IdentityForce).
- On October 26, 2019, the account information of 7.5 million users on Adobe Creative Cloud was exposed due to an unprotected online database (IdentityForce).
- On December 19, 2019, over 267 million Facebook usernames, Facebook IDs, and phone numbers were exposed (IdentityForce).
Data Breach By The Numbers
There are many factors to consider when preparing for and managing a data breach, like the amount of time it takes to respond to a data breach and the reputational impact it has on your company. Read below to see how breaches happen, average response times and other crucial information.
- Healthcare and public sector spent the most time in the data breach lifecycle, 329 days and 324 days, respectively (IBM).
- The average time to identify a breach in 2019 was 206 days (IBM).
- The average time to contain a breach was 73 days (IBM).
- The global number of web attacks blocked per day increased by 56.1% between 2017 and 2018 (Statista).
- Office applications were the most commonly exploited applications worldwide in Q3 of 2018 (Statista).
- There was an 80% increase in the number of people affected by health data breaches from 2017 to 2019 (Statista).
- 34% of data breaches in 2018 involved internal actors (Verizon).
- 71% of breaches are financially motivated (Verizon).
- 36% of external data breach actors in 2019 were involved in organized crime (Verizon).
- 95% of breached records came from the government, retail, and technology in 2016 (Tech Republic).
- An average of 4,800 websites a month are compromised with formjacking code (Symantec).
- By stealing only 10 credit cards per website, cyber criminals earn up to $2.2 million through formjacking attacks (Symantec).
- 48% of malicious email attachments are Microsoft Office files (Symantec).
- In 2019, C-level executives were twelve times more likely to be the target of social incidents and nine times more likely to be the target of social breaches than in years past (Verizon).
- Ransomware accounts for nearly 24% of incidents where malware is used (Verizon).
- From 2016 to 2018, the most active attack groups targeted an average of 55 organizations (Symantec).
- The data breach lifecycle of a malicious or criminal attack in 2019 took an average of 314 days (IBM).
Cost of a Data Breach
It’s no secret that data breaches are costly for a business. To calculate the average cost of a data breach, security institutes collect both the direct and indirect expenses suffered by the breached organization.
Direct expenses include forensic experts, hotline support and providing free credit monitoring subscriptions and potential settlements. Indirect costs include in-house investigations and communication, as well as customer turnover or diminished rates due to companies’ reputations after breaches. See just how expensive it is to experience a breach and what elements cause the cost to rise.
- In 2019, share prices fell 7.27% on average after a breach, with finance and payment companies seeing the largest drop in share performance post-breach (Comparitech).
- Healthcare is the most expensive industry for a data breach at $6.45 million (IBM).
- The global average cost of a data breach is $3.9 million (IBM).
- Data suggests that cybercrime cost businesses over $2 trillion total in 2019 (Juniper).
- The average cost per lost or stolen record in a data breach is $150 (IBM).
- A breach lifecycle under 200 days costs $1.2 million less than a lifecycle over 200 days (IBM).
- 67% of costs occur in the first year of a data breach (IBM).
- The formation of an incident response team reduces the cost of a data breach by an average of $360,000 (IBM).
- In 2019, the country with the highest average total cost of a data breach was the United States at $8.19 million (IBM).
- In 2019, smaller organizations had higher costs relative to their size than larger organizations. The total cost for organizations with more than 25,000 employees averaged $204 per employee (IBM).
- In 2019, companies able to detect and contain a breach in less than 200 days spent $1.2 million less on the total cost of a breach (IBM).
- The average cost of lost business for organizations in the 2019 study was $1.42 million, which represents 36% of the total average cost of $3.92 million (IBM).
- A mega breach of 1 million records has an average total cost of $42 million, a growth of 8% from 2018 (IBM).
- A mega breach of 50 million records has an average total cost of $388 million, a growth of almost 11% from 2018 (IBM).
- Hospitals spend 64% more annually on advertising over the two years following a breach (American Journal of Managed Care).
Data Breach Risk
IBM’s Cost of a Data Breach Report found that the average total cost of a data breach is $3.92 million and moving in an upward trend. This data, in particular, validates the reason to invest in preventative data security. See the data breach risk statistics below to help quantify the effects, motivations and causes of these damaging attacks.
- In 2019, on average, every employee had access to 17 million files and 1.21 million folders (Varonis).
- 77% of security and IT professionals indicated they do not have a cybersecurity incident response plan applied consistently across the enterprise (IBM).
- The overall volume of IoT attacks remained high in 2018; routers and connected cameras were the most infected devices, accounting for 75% and 15% of the attacks respectively (Symantec).
- The average distributed denial-of-service (DDoS) attack grew to more than 26Gbps, increasing in size by 500% (Nexusguard).
- 53% of companies found over 1,000 sensitive files accessible to every employee (Varonis).
- 15% of companies found more than 1 million folders open to every employee (Varonis).
- 80% of companies with over 1 million folders found over 50,000 folders open to every employee (Varonis).
- 95% of companies found over 100,000 folders that contained stale data (Varonis).
- On average, 50% of user accounts are stale (Varonis).
- 58% of companies found over 1,000 folders that had inconsistent permissions (Varonis).
- Only 5% of a company’s folders are protected (Varonis).
- 38% of all users sampled have a password that never expires (Varonis).
- 43% of data breach victims are small businesses (Verizon).
- 22% of data breaches in 2017 involved the use of stolen credentials (Verizon).
- 36% of compromised data in 2017 was personal information like name, birthday, and gender (Verizon).
- 90% of malware comes from emails (Verizon).
- More than 70 million records were stolen or leaked from poorly configured S3 buckets in 2018 (Symantec).
- Supply chain attacks rose by 78% in 2018 (Symantec).
- A cyberattack occurs every 39 seconds (University of Maryland).
- The larger the data breach, the less likely the organization will have another breach in the following two years (IBM).
- 24% of data breaches are caused by human error (IBM).
- Nearly one in ten targeted attack groups use malware to destroy or disrupt business operations (Symantec).
- 62% of breaches not involving an error, misuse, or physical action involved the use of stolen credentials, brute force, or phishing (Varonis).
- Routers and connected cameras make up 90% of infected devices (Symantec).
Projections of Data Breaches
In the rapidly evolving field of data security, it’s vital that business owners stay informed of all potential issues. Below are the projected cybersecurity incidents that may occur in the coming years.
- It is estimated that a business will fall victim to a ransomware attack every 11 seconds by 2021 (Herjavec Group).
- Cybercrime is estimated to cost the world $6 trillion annually by 2021 (Cybersecurity Ventures).
- Attackers will zero in on biometric hacking and expose vulnerabilities in touch ID sensors, facial recognition and passcodes (Experian).
- Skimming isn’t new but the next frontier is an enterprise-wide attack on a national network of a major financial institution, which can cause millions in losses (Experian).
- A major wireless carrier will be attacked with a simultaneous effect on both iPhones and Android, stealing personal information from millions of consumers and possibly disabling all wireless communications in the United States (Experian).
- A cloud vendor will suffer a breach, compromising the sensitive information of hundreds of Fortune 1000 companies (Experian).
- The online gaming community will be an emerging hacker surface, with cybercriminals posing as gamers and gaining access to the computers and personal data of trusting players (Experian).
Data Breach Insurance Types
In order to mitigate the risk that comes along with data loss, many companies are now purchasing data breach insurance. Data breach insurance helps cover the costs associated with a data security breach. It can be used to support and protect a wide range of components, such as public relations crises, protection solutions and liability. It may also cover any legal fees accumulated from the breach. Below are a few statistics highlighting the growing necessity for cyber insurance.
- Cyber risk is the number one concern for risk managers in the United States (Actuary).
- In the United States, 34 percent of companies owned a stand-alone cyber insurance policy in 2017 (Statista).
- 44 percent of corporate clients said they had discussed their cyber insurance coverage with their insurance broker (Statista).
- The main reason SMEs and large entities purchased cyber insurance was for risk transfer in 2018 (Statista).
Common types of data breach insurance are:
First-Party Insurance
A data breach has many different kinds of consequences, and significant time and money will be spent to recover from one. From recovering data to notifying stakeholders, first-party insurance covers the following:
- Investigating costs
- Notifying all affected parties
- Fielding inquiries
- Tools to help affected parties
Third-Party Insurance
Third-party insurance is primarily used by contractors and IT professionals to lessen their liability. The covered expenses may include things such as the following:
- Lawyers’ fees
- Judgments and liability
- Other court costs such as witness fees, docket fees, etc.
Data Breach Prevention
There are also proactive approaches security professionals can take in order to lower their chances of experiencing a breach. Identifying cybersecurity risks to your data can be a good place to start. See how companies are shifting their budgets and priorities to protect their assets and customers from cyberattacks.
- 63% of companies have implemented a biometric system or plan to onboard one (Veridium).
- 17% of IT security professionals reported information security as the largest budget increase for 2018 (ZDNet).
- 80% of organizations planned to increase security spending for 2018 (ZDNet).
- It is predicted that global cybersecurity spending will exceed $1 trillion cumulatively from 2017 to 2021 (Cybersecurity Ventures).
- Worldwide, IT security spending in 2019 was projected to grow 8.7% over 2018’s figure (Gartner).
- For the first time since 2013, ransomware declined, down 20% overall, but up 12% for enterprises (Symantec).
- Budget allocation to hardware-based security services, which generally lack both portability and the ability to effectively function in virtual infrastructure, has fallen from 20% in 2015 to 17% with a further predicted decline to 15.5% in 2019 (451 Research).
- MSSPs, which can replicate certain security operational functions, saw modest budget allocation growth at the end of 2017 to 14.7%, but security professionals expect that stake to grow to 17.3% by 2019 (451 Research).
Data Breach Defense + Prevention Resources
Companies need to examine lessons from the GDPR and update their data governance practices as more iterations are expected in the coming years. It’s crucial to properly set permissions on files and remove stale data.
Keeping data classification and governance up to par is instrumental to maintaining compliance with data privacy legislation like HIPAA, SOX, ISO 27001 and more. Today, modern solutions offer great protection and a more proactive approach to security to ensure the safety of sensitive information.
The following resources offer additional information on the improvement of data protection and tips for data breach prevention.
- Varonis Red Alert Data Breach Report
- Varonis 2019 Global Data Risk Report
- Verizon’s Data Breach Investigations Report (DBIR)
- IBM’s 2019 Cost of a Data Breach Report
- DataLossDB, maintained by the Open Security Foundation
- Ponemon Institute
- Data Breach Risk Calculator
- Identity Theft Resource Center
- RiskBased Mid-Year Data Breach Report
Data Breach Statistics FAQs
Below are some of the most frequently asked questions about data breaches with answers supported by data breach statistics and facts.
Q: How many data breaches occur?
A: The Privacy Rights Clearinghouse keeps a chronology of data and public security breaches dating back to 2005. The actual number of data breaches is not known. The Privacy Rights Clearinghouse estimated that there have been 9,044 public breaches since 2005; however, more can be presumed since the organization does not report on breaches where the number of compromised records is unknown.
Q: What was the biggest data breach in history?
A: Yahoo holds the record for the largest data breach of all time with 3 billion compromised accounts (Statista).
Q: How many data breaches were there in 2019?
A: There were 2,013 confirmed data breaches in 2019 (Verizon).
Q: How much does a data breach cost per record?
A: Average total cost of a data breach is $3.92 million (IBM).
Q: What is the average size of a data breach?
A: 25,575 records (IBM).
Regardless of industry, there’s no question that data security and defense is highly valuable for companies in the digital economy we live in. Assess your business’s cybersecurity risk to make company-wide changes and improve overall security behavior.
Avoid being a data breach statistic by doing everything possible to protect your business from experiencing a breach. For more information on data security platforms learn how data protection solutions could positively impact your business.