DATABREACH STATS & NEWS
28,433,149,823
Overview
As more and more companies experience crippling security breaches, the wave of compromised data is on the rise. Data breach statistics show that hackers are highly motivated by money to acquire data, and that personal information is a highly valued type of data to compromise. It’s also apparent that companies are still not prepared enough for breaches even though the cybertechnology landscape has dramatically advanced.
Below are the top 2022 data breach stats covering types of data breaches, industry-specific, risks, costs, as well as data breach defense and prevention resources supporting the importance of cybersecurity and how to better align organizational security budgets.
- The global number of web attacks blocked per day increased by 561 percent
- The number of data breaches has significantly increased within the past decade, from a mere 662 to more than 1,000
- Office applications were the most commonly exploited applications worldwide
- 80 percent increase in the number of people affected by health data breaches
- Formjacking attacks caused an average of 10 credit card breach per website earning cybercriminals over $32M+
Data Breach Cost
- The average total cost of a ransomware breach is $4.62 million, slightly higher than the average data breach of $4.24 million
- The average per record (per capita) cost of a data breach increased by 10.3 percent
- The average total cost for healthcare increased from $7.13 million to $9.23 million, a 29.5 percent increase
- Lost business opportunities represented the largest share of breach costs, at an average total cost of $1.59 million
- The average cost of a breach with a lifecycle over 200 days is $4.87 million
- 39 percent of costs are incurred more than a year after a data breach
- United States was the country with the highest average total cost of a data breach was at $9.05 million
- The average cost of a mega-breach was $401 million for the largest breaches (50 – 65 million records), an increase from $392 million
- Annually, hospitals spend 64 percent more on advertising the two years following a breach
- The cost difference in breaches in which mature Zero Trust was deployed versus not was $1.76 million
- The largest difference for breaches with a high level of compliance failures compared to a low level was $2.30 million
Cause & Source
- An average of 4,800 websites a month are compromised with formjacking code
- 34 percent of data breaches involved internal actors
- 71 percent of breaches are financially motivated
- Ransomware accounts for nearly 24 percent of incidents in which malware is used
- 95 percent of breached records came from the government, retail and technology sectors
- 36 percent of external data breach actors were involved in organized crime
Response & Lifecycle
- It took an average of 287 days to identify a data breach
- The average time to contain a breach was 80-90 days
- Healthcare and financial industries had the longest data breach lifecycle — 329 days and 233 days, respectively
- The data breach lifecycle of a malicious or criminal attack took an average of 315 days
- Microsoft Office files accounted for 48 percent of malicious email attachments
- The most active attack groups targeted an average of 55 organizations
Industry News
Also, 66% experienced a data breach in the past year, making it the most common security incident. These are from a Splunk report, prepared in ... For telecommunications providers, security breaches create a devastating chain reaction. Compromised infrastructure leads to eroded customer trust, ... ... Canada, U.K. privacy officials launch joint investigation into 23andMe data breach ... SK Telecom to resume new eSIM-based subscriptions following data breach ... SK Group focuses ... As rewarding as technology is, it also carries home safety and privacy threats. Person in a stylish blouse adjusting a security camera indoors, ... Security · cyber extortion · data breach · data exfiltration. Previous Article. Next Article. Rosalyn Page. Author spotlight. Rosalyn Page. Freelance ... In 2023, according to IBM Security the global average cost of a data breach reached $4.45 million, with sectors such as insurance experiencing ... In the context of homeland security, the stakes are particularly high—where operational downtime or data breaches can directly affect national safety ... Sensata Technologies has notified both past and present workers of a data breach following an investigation into a ransomware attack in April. ... On June 15, President Lee Jae-myung appointed new officials to the National Security Office and the Office of the Chief Secretary for AI ... Catherine Perez-Shakdam is the Executive Director at the Forum for Foreign Relations and an associate scholar at the Jerusalem Center for Security and ... Coinbase breach linked to customer data leak in India · Flight Centre taps more data in customer sentiment analysis · Share on Facebook · Share on ... Nor did it bring any U.S. security guarantees for Ukraine despite Macron's efforts, together with Starmer, to build a coalition of nations that could ... In a letter [PDF] letter to the Comptroller General of the US, ranking House Homeland Security committee member Bennie Thompson (D-MS) and ranking ... Security experts warned that it is difficult to rule out the possibility of a leak, given that ransomware attacks often involve stolen financial data, ... Hackers leak data of 10K VirtualMacOSX customers in alleged breach, exposing names, emails, passwords and financial data on a hacking forum. Exposed data may include names, Social Security numbers, medical records, financial account info, and other personal identifiers. While no cases of ... Dublin-based credit union also hires new chief audit executive as fallout from last year's security breach continues. Avatar photo ... Less than two months after a massive security breach at SK Telecom ... The next day, Yes24 declared there had been no data breach. But later ... Nonetheless, the most harmful have been data breaches—stealthy incursions where attackers circumvent security measures and obtain a considerable ...on June 15, 2025 at 9:39 pm on June 15, 2025 at 9:11 pm on June 15, 2025 at 9:06 pm on June 15, 2025 at 8:36 pm on June 15, 2025 at 7:22 pm on June 15, 2025 at 6:05 pm on June 15, 2025 at 5:59 pm on June 15, 2025 at 5:33 pm on June 15, 2025 at 5:14 pm on June 15, 2025 at 5:02 pm on June 15, 2025 at 4:52 pm on June 15, 2025 at 4:19 pm on June 15, 2025 at 3:33 pm on June 15, 2025 at 3:33 pm on June 15, 2025 at 3:14 pm on June 15, 2025 at 2:42 pm on June 15, 2025 at 2:36 pm on June 15, 2025 at 1:46 pm on June 15, 2025 at 1:37 pm on June 15, 2025 at 12:51 pm
A new malware campaign is exploiting a weakness in Discord's invitation system to deliver an […] Cybersecurity researchers are calling attention to a "large-scale campaign" that has been observed […] The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that […] Introduction: Security at a Tipping Point
Security Operations Centers (SOCs) were built for a […] Apple has disclosed that a now-patched security flaw present in its Messages app was actively […] The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to […] Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be […] AI is changing everything — from how we code, to how we sell, to how we secure. But while most […] A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial […] Human identities management and control is pretty well done with its set of dedicated tools, […]on June 13, 2025 at 7:45 pm on June 13, 2025 at 7:12 am on June 13, 2025 at 4:02 am on June 13, 2025 at 3:30 am on June 13, 2025 at 12:03 am on June 12, 2025 at 10:47 am on June 12, 2025 at 6:52 am on June 12, 2025 at 6:06 am on June 12, 2025 at 4:11 am on June 12, 2025 at 4:00 am
A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors […] Researchers discovered a large-scale campaign using the open source penetration-testing framework […] This alignment makes a successful CISO, but creating the same sentiment across business leadership […] These groups suffered three times the cyberattacks as the year previous, with DDoS attacks […] Researchers at Aim Security disclosed a Microsoft Copilot vulnerability of critical severity this […] New regulations and compliance standards for the Children's Online Privacy Protection Act reflect […] A string of threat-actor OpSec failures have yielded unexpected windfalls for security researchers […] To truly future-proof your cybersecurity approach, it's vital to ensure that your security program […] Interpol's Operation Secure arrested more than 30 suspects across Vietnam, Sri Lanka, and Nauru, […] The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by […]on June 13, 2025 at 1:06 pm on June 13, 2025 at 8:10 am on June 13, 2025 at 7:00 am on June 13, 2025 at 6:00 am on June 12, 2025 at 1:49 pm on June 12, 2025 at 1:16 pm on June 12, 2025 at 1:13 pm on June 12, 2025 at 7:00 am on June 11, 2025 at 2:25 pm on June 11, 2025 at 2:10 pm
Brian Krebs Updates
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same […] Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active […] Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large […] The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites […] Authorities in Pakistan have arrested 21 individuals accused of operating "Heartsender," a once popular spam and malware dissemination service that operated for more than a decade. The […] The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold […] KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits […] In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit […] Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active […] A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees […]on June 12, 2025 at 3:14 pm on June 10, 2025 at 5:10 pm on June 5, 2025 at 3:44 pm on May 29, 2025 at 6:55 pm on May 28, 2025 at 10:41 am on May 22, 2025 at 2:53 pm on May 20, 2025 at 2:30 pm on May 15, 2025 at 12:56 pm on May 14, 2025 at 4:57 am on May 7, 2025 at 3:22 pm
