The European Repository of Cyber Incidents (EuRepoC) is releasing the Global Dataset of Cyber Incidents in Version 1.3 as an extract of our backend database. This official release contains fully consolidated cyber incident data reviewed by our interdisciplinary experts in the fields of politics, law and technology across all 60 variables covered by the European Repository. Version 1.3 covers the years 2000 – 2024 entirely. The Global Dataset is meant for reliable, evidence-based analysis. If you require real-time data, please refer to the download option in our TableView or contact us for special requirements (including API access).

The dataset now contains data on 3416 cyber incidents which started between 01.01.2000 and 31.12.2024. The European Repository of Cyber Incidents (EuRepoC) gathers, codes, and analyses publicly available information from over 220 sources and 600 Twitter accounts daily to report on dynamic trends in the global, and particularly the European, cyber threat environment.

For more information on the scope and data collection methodology see: https://eurepoc.eu/methodology

Full Codebook available here

Information about each file

please scroll down this page entirely to see all files available. Zenodo only displays the attribution dataset by default.

Global Database (csv or xlsx):
This file includes all variables coded for each incident, organised such that one row corresponds to one incident - our main unit of investigation. Where multiple codes are present for a single variable for a single incident, these are separated with semi-colons within the same cell.

Receiver Dataset (csv or xlsx):
In this file, the data of affected entities and individuals (receivers) is restructured to facilitate analysis. Each cell contains only a single code, with the data "unpacked" across multiple rows. Thus, a single incident can span several rows, identifiable through the unique identifier assigned to each incident (incident_id).

Attribution Dataset (csv or xlsx):
This file follows a similar approach to the receiver dataset. The attribution data is "unpacked" over several rows, allowing each cell to contain only one code. Here too, a single incident may occupy several rows, with the unique identifier enabling easy tracking of each incident (incident_id). In addition, some attributions may also have multiple possible codes for one variable, these are also "unpacked" over several rows, with the attribution_id enabling to track each attribution.

Dyadic Dataset (csv or xlsx):
The dyadic dataset puts state dyads in the focus. Each row in the dataset represents one cyber incident in a specific dyad. Because incidents may affect multiple receivers, single incidents can be duplicated in this format, when they affected multiple countries.

The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

Phishing, ransomware, and business malware have been the most widespread types of cyberattacks in the United States, resulting in data compromises. In 2024, 455 cases of phishing and its variations were detected. Ransomware followed in the second place, with 188 attacks.

The average cyber attack takes 280 days to identify and contain and it costs an average of about $3.86 million to deal with properly.

Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

Data breaches cost companies and businesses a lot of money. The average cost of a data breach is $3.86 million.

This report reviews the impact of the cyber attack in May 2021 on the Health Service Executive (HSE) and other health bodies. It examines the HSE's cyber attack preparedness, the financial impact of the attack and the status of implementation of PWC's post incident review recommendations.

India Cyber Security Incidents: Total data was reported at 1,592,917.000 Unit in 2023. This records an increase from the previous number of 1,391,457.000 Unit for 2022. India Cyber Security Incidents: Total data is updated yearly, averaging 49,908.500 Unit from Dec 2004 (Median) to 2023, with 20 observations. The data reached an all-time high of 1,592,917.000 Unit in 2023 and a record low of 23.000 Unit in 2004. India Cyber Security Incidents: Total data remains active status in CEIC and is reported by Indian Computer Emergency Response Team. The data is categorized under India Premium Database’s Transportation, Post and Telecom Sector – Table IN.TF010: Information Technology Statistics: Cyber Security Incidents.

In 2024, manufacturing saw the highest share of cyberattacks among the leading industries worldwide. During the examined year, manufacturing companies encountered more than a quarter of the total cyberattacks. Organizations in the finance and insurance followed, with around 23 percent. Professional, business, and consumer services ranked third, with 18 percent of reported cyberattacks. Manufacturing industry and cyberattacks The industry of manufacturing has been in the center of cyberattacks in a long time. The share of cyberattacks targeting organizations in this sector in 2018 was at 10 percent, while in 2024, it amounted to 26 percent. The situation is even more compliacted when we look at the cyber vulnerabilities found in this sector. In 2024, critical vulnerabilities in manufacturing companies lasted 205 days on average. IT perspective and prevention With recent technology developments, cybersecurity is crucial to an organization’s success. Realizing this, companies have been gradually increasing cybersecurity investments. Thus, in 2024, the cybersecurity budget worldwide was forecast to increase to nearly 283 billion U.S. dollars. Roughly nine in ten board directors of companies worldwide in professional services and media and entertainment industries say they expect an increase in the cybersecurity budget.

The dataset contains data on 2889 cyber incidents between 01.01.2000 and 02.05.2024 using 60 variables, including the start date, names and categories of receivers along with names and categories of initiators. The database was compiled as part of the European Repository of Cyber Incidents (EuRepoC) project.

EuRepoC gathers, codes, and analyses publicly available information from over 200 sources and 600 Twitter accounts daily to report on dynamic trends in the global, and particularly the European, cyber threat environment.

For more information on the scope and data collection methodology see: https://eurepoc.eu/methodology

Codebook available here

Information about each file:

Global Database (csv or xlsx):
This file includes all variables coded for each incident, organised such that one row corresponds to one incident - our main unit of investigation. Where multiple codes are present for a single variable for a single incident, these are separated with semi-colons within the same cell.

Receiver Dataset (csv):
In this file, the data of affected entities and individuals (receivers) is restructured to facilitate analysis. Each cell contains only a single code, with the data "unpacked" across multiple rows. Thus, a single incident can span several rows, identifiable through the unique identifier assigned to each incident (incident_id).

Attribution Dataset (csv):
This file follows a similar approach to the receiver dataset. The attribution data is "unpacked" over several rows, allowing each cell to contain only one code. Here too, a single incident may occupy several rows, with the unique identifier enabling easy tracking of each incident (incident_id). In addition, some attributions may also have multiple possible codes for one variable, these are also "unpacked" over several rows, with the attribution_id enabling to track each attribution.

eurepoc_global_database_1.2 (json):
This file contains the whole database in JSON format.

[227+ Pages Report] Global Cyber Security Market size & share projected to hit a record value of USD 398.3 Billion by 2026 at an anticipated CAGR growth rate of 14.9% during the forecast period 2021-2026. Increasing use of technological measures in the sectors of retails, BSFI, information and technology, and manufacturing will boost the footprint of global cyber security market to a larger footprint.

Some industries are affected by cyber attacks more than others. These next cybersecurity statistics detail specifically who is affected by cyber-attacks and why they are.

India Cyber Security Incidents: Website Intrusion and Malware Propagation data was reported at 563.000 Unit in 2017. This records a decrease from the previous number of 1,483.000 Unit for 2016. India Cyber Security Incidents: Website Intrusion and Malware Propagation data is updated yearly, averaging 4,492.500 Unit from Dec 2008 (Median) to 2017, with 10 observations. The data reached an all-time high of 7,286.000 Unit in 2014 and a record low of 563.000 Unit in 2017. India Cyber Security Incidents: Website Intrusion and Malware Propagation data remains active status in CEIC and is reported by Indian Computer Emergency Response Team. The data is categorized under India Premium Database’s Transportation, Post and Telecom Sector – Table IN.TF010: Information Technology Statistics: Cyber Security Incidents.

Cyber attacks are a growing concern for small businesses during COVID-19 . Be Protected While You Work. Upgrade Your Small Business's Virus Protection Today! Before going for a Cyber security solutions for small to mid-sized businesses deliver enterprise-level protection.

Download this (Checklist for a Small Firm's Cybersecurity Program 2020-2021) data set to deploy secure functioning of various aspects of your small business including, employee data, website and more.This checklist is provided to
assist small member firms with limited resources to establish a cybersecurity program to identify and assess cybersecurity threats,
protect assets from cyber intrusions,
detect when their systems and assets have been compromised,
plan for the response when a compromise occurs and implement a plan to recover lost, stolen or unavailable assets. 
Train employees in security principles.
Protect information, computers, and networks from malware attacks.
Provide firewall security for your Internet connection.
Create a mobile device action plan.
 Make backup copies of important business data and information.
 Learn about the threats and how to protect your website.
 Protect Your Small Business site.
 Learn the basics for protecting your business web sites from cyber attacks at WP Hacked Help Blog

Created With Inputs From Security Experts at WP Hacked Help - Pioneer In WordPress Malware Removal & Security

The National Institute of Standards and Technology (NIST) provides a Cybersecurity Framework (CSF) for benchmarking and measuring the maturity level of cyber security programs across all industries. The City uses this framework and toolset to measure and report on its internal cyber security program.The foundation for this measure is the Framework Core, a set of cybersecurity activities, desired outcomes and applicable references that are common across critical infrastructure/industry sectors. These activities come from the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) published standard, along with the information security and customer privacy controls it references (NIST 800 Series Special Publications). The Framework Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level. The Framework Core consists of five concurrent and continuous functions – identify, protect, detect, respond, and recover. When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. The Framework Core identifies underlying key categories and subcategories for each function, and matches them with example references, such as existing standards, guidelines and practices for each subcategory. This page provides data for the Cybersecurity performance measure.Cybersecurity Framework (CSF) scores by each CSF category per fiscal year quarter (Performance Measure 5.12)The performance measure dashboard is available at 5.12 Cybersecurity.Additional InformationSource: Maturity assessment /https://www.nist.gov/topics/cybersecurityContact: Scott CampbellContact E-Mail: Scott_Campbell@tempe.govData Source Type: ExcelPreparation Method: The data is a summary of a detailed and confidential analysis of the city's cyber security program. Maturity scores of subcategories within NIST CFS are combined, averaged and rolled up to a summary score for each major category.Publish Frequency: AnnualPublish Method: ManualData Dictionary

The Database Security market is experiencing robust growth, projected to reach $2556.1 million in 2025 and exhibiting a Compound Annual Growth Rate (CAGR) of 11.4% from 2025 to 2033. This expansion is fueled by the increasing frequency and sophistication of cyberattacks targeting sensitive data stored in databases, coupled with stringent data privacy regulations like GDPR and CCPA. The rising adoption of cloud computing and the proliferation of big data also contribute significantly to market growth, as organizations require robust security solutions to protect their valuable data assets across diverse environments. The market is segmented by application (SMEs, Large Enterprises) and type (Marketing, Sales, Operations, Finance, HR & Legal), with large enterprises and applications involving sensitive financial data demonstrating particularly high demand for advanced database security solutions. North America currently holds a dominant market share due to early adoption of advanced technologies and a strong regulatory landscape, but the Asia-Pacific region is poised for significant growth, driven by increasing digitalization and a rapidly expanding economy. The competitive landscape is characterized by a mix of established players like Oracle and IBM, alongside specialized security vendors such as Trustwave and McAfee. These companies offer a wide range of solutions, including database activity monitoring, encryption, access control, and vulnerability management. The market is witnessing innovation in areas like AI-powered threat detection and automated security response, which are enhancing the effectiveness and efficiency of database security solutions. However, challenges remain, including the rising complexity of cyber threats, the skills gap in cybersecurity professionals, and the high cost of implementing and maintaining comprehensive database security systems. The continued evolution of cyberattacks and data privacy regulations will be key drivers shaping the future of this dynamic market.

Insights On Cyberbiosecurity Field

According to Cyberbiosecurity: A New Perspective on Protecting U.S. Food and Agricultural System: "The US's national data and infrastructure security issues affecting the “bioeconomy” are evolving rapidly. Simultaneously, the conversation about cyber security of the U.S. food and agricultural system (cyber biosecurity) is incomplete and disjointed. The food and agricultural production sectors influence over 20% of the nation's economy ($6.7T) and 15% of U.S. employment (43.3M jobs). The food and agricultural sectors are immensely diverse and they require advanced technologies and efficiencies that rely on computer technologies, big data, cloud-based data storage, and internet accessibility. There is a critical need to safeguard the cyber biosecurity of our bio economy, but currently protections are minimal and do not broadly exist across the food and agricultural system."

Cyberbiosecurity is an emerging discipline for protecting life sciences data, functions, operation, and the bio-economy. https://www.frontiersin.org/files/Articles/447748/fbioe-07-00063-HTML-r1/image_m/fbioe-07-00063-g001.jpg" alt="">

Insights On The Dataset

The BATtle of the Attack Detection ALgorithms (BATADAL) will objectively compare the performance of algorithms for the detection of cyber attacks in water distribution systems.

C-Town Public Utility (CPU) is the main water distribution system operator of C-Town (Figure 1). For many years, CPU has operated a static distribution topology. In the last year, CPU has introduced novel smart technology to enable remote data collection from sensors in the field, and remote control of actuators. Shortly after that new technology has been introduced, anomalous low levels in Tank T5 and high levels in Tank T1 were observed. A month later, a water overflow in Tank T1 occurred. While CPU personnel at the control center were able to see the anomalous readings for the first two episodes, Tank T1 overflow took place unexpectedly while the water level readings were always below the alarm thresholds and pumping operations appeared to be normal. Searching for the causes, CPU engineers suspect potential cyber-attacks for all these episodes. In particular, they are considering adversaries that are able to activate and deactivate the actuators in C-Town, as well as altering the readings of the sensors deployed in the network and the reported status of actuators, and interfering with the connections established between networked components. The participants' task is thus to develop an online alert system for cyber-physical attacks.

Additional Information About The Dataset From Other Papers: - SCADA data are real-time, field-based network measurements (tank water level, pump flow, etc.) transmitted to the central system by programmable logic controllers (PLCs) - C-Town consists of 388 nodes linked with 429 pipes and is divided into 5 district metered areas (DMAs). - More specifically, the SCADA data include the water level at all 7 tanks of the network (T1–T7), status and flow of all 11 pumps (PU1–PU11) and the one actuated valve (V2) of the network, and pressure at 24 pipes of the network that correspond to the inlet and outlet pressure of the pumps and the actuated valve.

https://ascelibrary.org/cms/asset/1375ee5f-cc1e-498f-8a03-1180c61ee9fe/figure1.jpg" alt="">

Graph Annotation: - L_T #: water level of a tank # [meter].​ - S_PU # or S_V # : status of a pump # or a valve # [dmnl]. Binary signal.​ - F_PU # or F_V # : flowrate of a pump # or a valve # [L/s].​ - P_J # : inlet and outlet pressure for a junction # [meter].

Dataset Details (TL:DR): - There are 43 columns and a 1/0 label column, with 1 meaning that the system is under attack and 0 meaning that the system is in normal operation. - Training Dataset 1: This dataset was released on November 20 2016, and it was generated from a one-year long simulation. The dataset does not contain any attacks, i.e. all the data pertains to C-Town normal operations. - Training Dataset 2: This dataset with partially labeled data was released on November 28 2016. The dataset is around 6 months long and contains several attacks, some of which are approximately labeled. - Test Dataset: This 3-months long dataset contains several attacks but no labels. The dataset was released on February 20 2017, and it is used to compare the performance of the algorithms (see rules document for details).

Notes

• More information about the BATADAL dataset and the 2017-2018 competition can be found in here. Paper of the competition is publicly available [here](https://par.nsf.gov/servlets/purl/1010...

This operations dashboard shows historic and current data related to this performance measure. The performance measure dashboard is available at 5.12 Cybersecurity. Data Dictionary