Phishing, ransomware, and business malware have been the most widespread types of cyberattacks in the United States, resulting in data compromises. In 2024, 455 cases of phishing and its variations were detected. Ransomware followed in the second place, with 188 attacks.

There are various factors that can mitigate or amplify the cost of a data breach. According to 2020 industry data, the formation of an incidence response team could reduce the average total cost of a data breach by almost ******* U.S. dollars. The same went for incident response testing, which was also a strongly mitigating factor when calculating data breach damages. In 2019, the average total cost of a data breach amounted to **** million U.S. dollars.

The Australian Cyber Security Centre (ACSC) received approximately ** thousand cybercrime reports in the financial year 2023. The number of reports has increased in comparison to previous years, with approximately ** thousand cybercrime reports filed in the financial year 2022.  Recent data breaches  When surveyed about the actions they would take following a reported hack or data breach, more than ************** of Australian adults indicated that they would either pause or completely stop spending with a brand or organization in 2022. Less than ********* of respondents would continue spending with a brand but would be concerned. In 2022, the global average cost of a data breach was **** million US dollars. The average cost of a data breach in Australia was approximately *** million US dollars. Loss from scams  Victims of investment scams lost over *** million Australian dollars in 2021. In the same year, dating and romance scams cost Australians approximately ** million Australian dollars. False billing, remote access scams, and threats to life were also amongst the most reported scam types in Australia the same year. 

Over ******* cases of cyber crime were reported to the Indian Cyber Crime Coordination Centre (I4C) in India within the first four months of 2024 alone. The number of cyber crimes in the country saw a massive spike between 2019 and 2020 and has been on the rise ever since. Roughly ** percent of the reports in 2024 were related to online financial fraud.

Between the third quarter of 2024 and the second quarter of 2025, the number of records exposed in data breaches in the United States decreased significantly. In the most recent measured period, over 16.9 million records were reported as leaked, down from around 494.17 million in the third quarter of 2024.

In 2023, about 73 million individuals were impacted by data compromise cases in the United States utilities industry. Approximately five million individuals were affected by data breaches in the manufacturing industry.

In 2023, the majority of incidents were reported in the vulnerability and publication categories. Vulnerability, which was related to identified security gaps resulting from the vulnerability of resources and services available from the internet level of entities under the jurisdiction of CSIRT GOV. Within the publication category, numerous disclosures of sensitive data were made as part of leaks, including login details for electronic services, private PGP keys, and information about the specifications of institutions' ICT infrastructure.

Between the first quarter of 2020 and the first second quarter of 2024, the number of records exposed in data breaches in Italy experienced a significant decrease. In the most recent measured period, approximately one million records were reported as leaked, down from around 10.2 million data sets affected in the first quarter of 2021.

Out of the ***** cybercrime offenses reported in Argentina in 2020, *** (or **** percent) were frauds. That year, the number of cases of phishing attacks and extortion amounted to *** (**** percent of the total) and *** (**** percent), respectively.

In the third quarter of 2024, over 597,000 personal data points of internet users were exposed to data breaches in Denmark, marking a considerable increase compared to the quarter prior. In the measured period, the highest number of exposed data records, more than one million, was registered in the first quarter of 2021.

In the third quarter of 2024, nearly a million personal data points were exposed to data breaches in Sweden, marking a considerable increase compared to the quarter prior. In the measured period, the highest number of exposed data records was registered in the second quarter of 2021, approximately 1.6 million.

Between January 2020 and June 2024, threat actors with political intent launched 10 cyberattacks against various institutions and critical infrastructure in Finland. The April 2024 data theft from the United Nations Development Programme was the latest registered case of a cyberattack with a political intent targeting Finland.

In 2023, it took three days on average for the occurrence to the discovery of cyber incidents in the companies in the United States. In most cases, companies reacted quickly, by taking the cyber attack under control. Further on, it took the organizations 33 days on average to complete the forensic investigation of the attacks. The longest the companies needed, was the time to notify about the cyber incident, which took 60 days on average.

Between November 2023 and October 2024, over 12 thousand organizations worldwide experienced data breaches that included confirmed data loss. Among selected industries, firms in the manufacturing and healthcare sector saw the highest number of data violations. Furthermore, smaller companies were more likely to be targeted than larger ones.

India saw a significant jump in cyber crimes reported in 2022 from the previous year. That year, over ****** cyber crime incidents were registered. Karnataka and Telangana accounted for the highest share during the measured period. Uttar Pradesh leads the wayThe northern state of Uttar Pradesh had the highest number of cyber crimes compared to the rest of the country, with over * thousand cases registered with the authorities in 2018 alone. India’s tech state, Karnataka, followed suite that year. A majority of these cases were registered under the IT Act with the motive to defraud, or sexually exploit victims. It's a numbers game It was estimated that in 2017, consumers in India collectively lost over 18 billion U.S. dollars due to cyber crimes. However, these were estimates based only on reported numbers. In a country like India, it is highly likely that the actual figures could be under-reported due to a lack of cyber crime awareness or the mechanisms to classify them. Recent government initiatives such as a dedicated online portal to report cyber crimes could very well be the main factor behind a sudden spike in online crimes from 2017 onwards.

Between January 2020 and June 2024, threat actors with political intent launched three cyberattacks against various institutions and critical infrastructure in Iceland. The February 2024 data theft incident involving a Russian ransomware group was the latest registered case of a cyberattack with a political intent targeting Iceland.

During the fourth quarter of 2024, data breaches exposed more than a million user data records in the United Kingdom (UK). The figure decreased significantly from nearly 41 million in the quarter prior. Overall, the time between the first quarter of 2022 and the fourth quarter of 2023, saw the lowest number of exposed user data accounts.

Between January 2020 and June 2024, threat actors with political intent launched nine cyberattacks against various institutions and critical infrastructure in Norway. The March 2024 data theft from the United Nations Development Programme was the latest registered case of a cyberattack with a political intent targeting Norway.

During the second quarter of 2025, data breaches exposed more than 93 million records worldwide. Since the first quarter of 2020, the highest number of data records were exposed in the third quarter of 2024, more than 3.8 billion data sets. Data breaches remain among the biggest concerns of company leaders worldwide. The most common causes of sensitive information loss were operating system vulnerabilities on endpoint devices. Which industries see the most data breaches? Meanwhile, certain conditions make some industry sectors more prone to data breaches than others. According to the latest observations, the public administration experienced the highest number of data breaches between 2021 and 2022. The industry saw 495 reported data breach incidents with confirmed data loss. The second were financial institutions, with 421 data breach cases, followed by healthcare providers. Data breach cost Data breach incidents have various consequences, the most common impact being financial losses and business disruptions. As of 2023, the average data breach cost across businesses worldwide was 4.45 million U.S. dollars. Meanwhile, a leaked data record cost about 165 U.S. dollars. The United States saw the highest average breach cost globally, at 9.48 million U.S. dollars.

In 2024, the financial services industry in the United States was the most targeted by cyberattacks, that resulted in data compromises. That year, financial institutions in the U.S. saw 737 data compromise incidents. On the other hand, in 2023, the number of data compromise incidents in the U.S. healthcare industry was much higher than in the latest measured year.