Every time we turn on the news these days, there appears to be another article about the compromise of millions of people’s personal information. So, how serious is the problem of data breaches, and what are the implications for individuals and businesses?
We offer the most recent and interesting data breach statistics and information, many of which are alarming.
Content Outline
40+ Disturbing Data Breach Statistics That Will Make You Think
Data Breaches Cost
1. The average total cost of a ransomware attack is $4.62 million, slightly more than the $4.24 million average cost of a data breach (IBM).
2. From 2020 to 2021, the average cost of a data breach per record (per capita) grew by 10.3 percent (IBM).
3. The average total cost of healthcare grew by 29.5 percent from $7.13 million in 2020 to $9.23 million in 2021. (IBM).
4. Lost business prospects accounted for the majority of breach expenses in 2021, with an average total cost of $1.59 million (IBM).
5. A breach with a lifespan of more than 200 days costs $4.87 million on average (IBM).
6. More than a year after a data breach, 39% of expenditures are incurred (IBM).
7. The US was the country with the highest average overall cost of a data breach in 2021, at $9.05 million (IBM).
8. In 2021, the average cost of a mega-breach for the greatest breaches (50–65 million records) was $401 million, up from $392 million in 2020. (IBM).
9. In the two years following a breach, hospitals spend 64 percent more on advertising (American Journal of Managed Care).
10. The cost difference between breaches when mature Zero Trust was used against breaches where it wasn’t was $1.76 million (IBM).
11. The most significant difference between breaches with a high level of compliance failures and breaches with a low level of compliance failures was $2.30 million (IBM)
12. When working remotely was a factor in triggering a data breach, the average overall cost of the breach was more than $1 million greater than when working remotely was not a role (IBM).
13. The average cost of a data breach was higher in companies with more than 60% of employees working remotely than in companies without remote workers (IBM).
14. The average cost of a breach in firms that did not adjust their IT to cope with the pandemic or make other equivalent changes was $5.01 million, compared to the global average of $4.24 million (IBM).
15. According to estimates, there were as many as 192,000 coronavirus-related intrusions every week in May 2020, up 30% from April 2020. (Unisys).
16. In 2021, 98 percent of data breaches at point-of-sale in the hospitality business will be motivated by financial gain (Verizon).
17. This year, confirmed data breaches in the healthcare industry climbed by 58%. (Verizon).
18. Web application breaches now account for 43% of all breaches, up from 23% in 2019. (Verizon).
19. The Pandemic Unemployment Assistance programme exposed 33,000 unemployment applicants to a data security compromise in May. (NBC).
20/ After their applications were revealed in a data breach of federal disaster loan applications, 8,000 small company owners were affected (U.S. PIRG).
21. COVID-19, the largest-ever security threat, had a 400% surge in cyber frauds in the month of March 2020. (Reed Smith).
Biggest Data Breach Stats
22. With an estimated 3 billion user accounts compromised, Yahoo holds the record for the greatest data breach. Users’ passwords in clear text, payment card data, and bank information were not obtained, according to an inquiry. (The New York Times)
23. A security compromise exposed Aadhaar, India’s biometric database, which holds the personal data of practically every citizen (1.1 billion people). (The Washington Post)
24. Approximately 885 million confidential client financial details were leaked by First American Corporation. (KrebsOnSecurity)
25. Data from 763 million records was exposed, including email addresses, names, genders, IP addresses, phone numbers, and other sensitive information. (Today’s Data Breach)
26. On the Amazon cloud server in 2019, Facebook had 540 million user details exposed. (UpGuard)
27. Yahoo reported in 2014 that a “state-sponsored actor” had acquired the account information of at least 500 million users, including names, email addresses, phone numbers, birth dates, encrypted passwords, and, in some cases, security questions. (The New York Times)
28. Marriott International stated in November 2018 that hackers had stolen data on around 500 million Starwood hotel guests. (The New York Times)
29. In October 2016, hackers stole 20 years of data and 412.2 million accounts from six databases for The Adult Friend Finder Network, including names, email addresses, and passwords. (The Washington Post)
30. A Russian hacker gained access to 360 million Myspace accounts in June 2013, but the issue was not revealed until 2016. (TechCrunch)
31. Exactis, a marketing and data aggregation organisation based in Florida, exposed a database holding almost 340 million records on a publicly accessible server in June 2018. (Wired)
32. Twitter warned its 330 million users in May 2018 of a bug that left passwords unmasked in an internal record, making all user passwords available to the internal network. (CBS)
Data Breach Prevention Statistics
33. 63 percent of businesses have implemented or plan to implement a biometric system (Veridium).
34. Information security was cited by 17 percent of IT security professionals as having the highest budget increase in 2018. (ZDNet).
In 2018, 80 percent of businesses planned to boost security spending (ZDNet).
35. Between 2017 and 2021, it was expected that global cybersecurity investment would top $1 trillion (Cybersecurity Ventures).
36. In comparison to 2018, global IT security investment is expected to increase by 8.7% in 2019. (Gartner).
37. For the first time since 2013, ransomware decreased by 20% overall, but increased by 12% for enterprise businesses (Symantec).
38. Budget allocation to hardware-based security services has decreased from 20% in 2015 to 17% in 2016. Hardware-based security services often lack mobility and the capacity to function effectively in virtual infrastructure. (451 Research)
39. MSSPs, which may replicate certain security operational activities, showed a minor increase in budget allocation to 14.7 percent at the end of 2017, but security experts predicted that share would rise to 17.3 percent by 2021. (451 Research).
Data Breach Projections by Numbers
40. Cybercrime is expected to cost $10.5 trillion globally by 2025, an increase of 15% year over year (Cybersecurity Ventures).
41. Biometric hacking will be a focus for attackers, exposing flaws in touch ID sensors, facial recognition, and passcodes (Experian).
42. Skimming isn’t new, but the next step might be an enterprise-wide attack on a big financial institution’s nationwide network, resulting in millions of dollars in losses (Experian).
43. It’s expected that a major wireless carrier will be targeted in a way that affects both iPhones and Androids at the same time. Millions of people’s personal information could be stolen by cybercriminals, putting all wireless communications in the US at risk (Experian).
44. A breach at a cloud vendor might compromise the sensitive information of hundreds of Fortune 1000 businesses (Experian).
45. Cybercriminals posing as gamers will obtain access to the computers and personal data of trusted players, making the online gaming community a new hacker surface (Experian).
Conclusion
The frightening statistics of leaked data show that cybersecurity will have to go hand in hand with our transition to a digital world. We will continue to lose our personal information in malicious data breaches if we neglect its relevance.