This is a dataset containing all the major data breaches in the world from 2004 to 2021

As we know, there is a big issue related to the privacy of our data. Many major companies in the world still to this day face this issue every single day. Even with a great team of people working on their security, many still suffer. In order to tackle this situation, it is only right that we must study this issue in great depth and therefore I pulled this data from Wikipedia to conduct data analysis. I would encourage others to take a look at this as well and find as many insights as possible.

This data contains 5 columns: 1. Entity: The name of the company, organization or institute 2. Year: In what year did the data breach took place 3. Records: How many records were compromised (can include information like email, passwords etc.) 4. Organization type: Which sector does the organization belong to 5. Method: Was it hacked? Were the files lost? Was it an inside job?

Here is the source for the dataset: https://en.wikipedia.org/wiki/List_of_data_breaches

Here is the GitHub link for a guide on how it was scraped: https://github.com/hishaamarmghan/Data-Breaches-Scraping-Cleaning

During the third quarter of 2025, data breaches exposed more than ** million records worldwide. Since the first quarter of 2020, the highest number of data records were exposed in the third quarter of ****, more than **** billion data sets. Data breaches remain among the biggest concerns of company leaders worldwide. The most common causes of sensitive information loss were operating system vulnerabilities on endpoint devices. Which industries see the most data breaches? Meanwhile, certain conditions make some industry sectors more prone to data breaches than others. According to the latest observations, the public administration experienced the highest number of data breaches between 2021 and 2022. The industry saw *** reported data breach incidents with confirmed data loss. The second were financial institutions, with *** data breach cases, followed by healthcare providers. Data breach cost Data breach incidents have various consequences, the most common impact being financial losses and business disruptions. As of 2023, the average data breach cost across businesses worldwide was **** million U.S. dollars. Meanwhile, a leaked data record cost about *** U.S. dollars. The United States saw the highest average breach cost globally, at **** million U.S. dollars.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

View Data Breach Notification Reports, which include how many breaches are reported each year and the number of affected residents.

The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

It started with a strange email. The kind you usually ignore. But for one midsize healthcare firm in Ohio, clicking that link changed everything. Within hours, sensitive patient records were encrypted, and hackers demanded payment in cryptocurrency. By the time IT figured out the breach, over 1.4 million records were...

Washington law requires entities impacted by a data breach to notify the Attorney General’s Office (AGO) when more than 500 Washingtonians personal information was compromised as a result of the breach. This dataset breaks out the individual types of breached personal information that were identified in each notice our office received. This data is used to produce the AGO’s Annual Data Breach Report. For additional statistics relating to data breaches, also see the main dataset at: https://data.wa.gov/Consumer-Protection/Data-Breach-Notifications-Affecting-Washington-Res/sb4j-ca4h.

Data Breaches Dataset

30,000 Records of cyber-security data breaches

About this dataset

This dataset is a compilation of data from various sources detailing data breaches. These sources include press reports, government news releases, and mainstream news articles. The list includes those involving the theft or compromise of 30,000 or more records, although many smaller breaches occur continually. In addition, the various methods used in the breaches are listed, with hacking being the most common.

Organizations of all types and sizes are susceptible to data breaches, which can have devastating consequences. This dataset can help shed light on which organizations are most at risk and how these breaches occur so that steps can be taken to prevent them in the future

How to use the dataset

There are many ways to use this dataset. Here are a few ideas:

• Use the data to understand which types of organizations are most commonly breached, and what methods are used most often.
• Analyze the data to see if there are any trends or patterns in when or how breaches occur.
• Use the data to create a visualizations or infographic showing the prevalence of data breaches

Research Ideas

• This dataset can be used to identify trends in data breaches in terms of methods used, types of organizations breached, and geographical distribution.

• This dataset can be used to study the effect of data breaches on organizational reputation and customer trust.

• This dataset can be used by organizations to benchmark their own security measures against those of similar organizations that have experienced data breaches

Acknowledgements

License

License: CC0 1.0 Universal (CC0 1.0) - Public Domain Dedication No Copyright - You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. See Other Information.

Columns

File: df_1.csv | Column name | Description | |:----------------------|:---------------------------------------------------------------------| | Entity | The name of the organization that was breached. (String) | | Year | The year when the breach occurred. (Integer) | | Records | The number of records that were compromised in the breach. (Integer) | | Organization type | The type of organization that was breached. (String) | | Method | The method that was used to breach the organization. (String) | | Sources | The sources from which the data was collected. (String) |

As of June 2025, the most significant data breach incident in the United States was the Yahoo data breach that dates back to 2013-2016. Impacting over three billion online users, this incident still remains one of the most significant data breaches worldwide. The second-biggest case was the January 2021 data breach at Microsoft, involving about 30 thousand companies in the United States and around 60 thousand companies around the world.

Each row in the dataset represents a specific data breach incident. Here's an explanation of the columns in the dataset:

Number: An identifier for each data breach incident.

Name_of_Covered_Entity: The name of the organization or entity that experienced the data breach.

Business_Associate_Involved: Information about whether a business associate was involved in the breach.

Total_Individuals: The total number of individuals affected by the breach.

Individuals_Affected: The number of individuals whose information was compromised.

Type_of_Breach: The method or nature of the data breach (e.g., theft, loss, hacking/IT incident, unauthorized access/disclosure).

Location_of_Breached_Information: The location or type of device where the breached information was stored (e.g., laptop, desktop computer, network server).

Breach_Start: The start date of the data breach.

Breach_End: The end date of the data breach.

Branch: A categorical identifier, possibly indicating a specific branch or division of the organization.

Department: A categorical identifier, possibly indicating a specific department within the organization.

CountryBranch: The country associated with the branch.

Employee(who find out breach): The employee who discovered the breach.

Employee URL: A URL link associated with the employee who discovered the breach.

Estimate Stole Data(GB): An estimate of the amount of data stolen in gigabytes.

This dataset contains real-world records of major data breaches involving the compromise of personally identifiable information (PII) across various sectors from 2020 to 2024. Each entry includes details about the organization affected, the type of PII exposed, the method of breach, and the subsequent response actions. This collection is intended to support cybersecurity analysis, trend detection, and academic research related to data privacy and digital risk management.

Publicly reported U.S. data compromises tracked by the Identity Theft Resource Center since 2005.

Introduction

Data Breaches Statistics: In recent years, data breaches have emerged as a major threat to both businesses and individuals. As the digital world grows, the frequency, scale, and impact of these breaches have surged, resulting in significant financial, reputational, and legal repercussions for organizations. The number of data breaches hit record highs, compromising millions of sensitive records.

This increase can be attributed to several factors, including rising cybercrime, inadequate data security practices, and the growing sophistication of hacking techniques. Data from cybersecurity experts reveal a notable rise in breaches within the healthcare, financial, and retail industries.

As the fallout from these breaches intensifies, it has become increasingly important for both businesses and consumers to understand the trends and scope of these incidents. This introduction will explore the latest statistics and developments, offering insights into the evolving landscape of data breaches and their wide-reaching effects.

Dataset

This dataset was created by Asta

Released under Data files © Original Authors

Contents

Between the third quarter of 2024 and the third quarter of 2025, the number of records exposed in data breaches in the United States decreased significantly. In the most recent measured period, over **** million records were reported as leaked, down from around ***** million in the third quarter of 2024.

Introduction

Data Breach Statistics: In the year 2024, data breaches pose a great risk all over the world, and criminals tend to use more advanced methods, making the attacks more frequent and wider. All types of organizations, regardless of their size and in all industries, have been victims of data breaches, often leading to loss of money and facing legal actions as well as damage to their names.

This paper looks at the current data breach statistics, looking into some important figures, costs, and trends to expect in the year 2024.

Data Breach Notification Services Market Outlook

According to our latest research, the global Data Breach Notification Services market size in 2024 stands at USD 2.31 billion, and it is expected to grow at a robust CAGR of 16.7% during the forecast period. By 2033, this market is projected to reach USD 10.23 billion, reflecting the increasing stringency of data protection regulations and the rising frequency of cyber incidents worldwide. The primary growth factor propelling the market is the surging demand for rapid and compliant notification solutions in the wake of data breaches, as organizations strive to mitigate reputational and financial risks associated with non-compliance and delayed disclosures.

The growth of the Data Breach Notification Services market is fundamentally driven by the proliferation of stringent data privacy laws and regulations across the globe. Legislation such as the General Data Protection Regulation (GDPR) in Europe, the California Consumer Privacy Act (CCPA) in the United States, and similar frameworks in Asia Pacific and Latin America have established rigorous requirements for organizations to notify affected parties and regulatory bodies promptly in the event of a data breach. These regulations not only mandate notification within specific timelines but also impose hefty penalties for non-compliance, compelling enterprises to seek specialized notification services. As regulatory landscapes continue to evolve and expand, organizations are increasingly prioritizing investments in data breach notification solutions to ensure adherence and minimize legal exposure.

Another significant growth factor is the escalating frequency and sophistication of cyberattacks targeting organizations of all sizes and industries. The increasing reliance on digital platforms, cloud services, and interconnected devices has broadened the attack surface, making enterprises more vulnerable to data breaches. High-profile incidents involving sensitive customer data have underscored the importance of swift and effective notification processes to maintain customer trust and brand reputation. As a result, organizations are turning to data breach notification service providers that offer comprehensive solutions, including incident response, legal guidance, and communication support, to navigate the complexities of post-breach management. The need for real-time, automated, and scalable notification capabilities is also fueling market expansion.

The growing awareness among enterprises regarding the reputational and financial repercussions of data breaches is further amplifying market demand. Beyond regulatory fines, organizations face significant losses due to customer attrition, litigation, and operational disruptions following a breach. Data breach notification services not only facilitate compliance but also help organizations demonstrate transparency and accountability, which are critical for maintaining stakeholder confidence. The increasing adoption of digital transformation initiatives, coupled with the rise of remote work and cloud-based operations, is making data protection and breach notification an integral part of organizational risk management strategies. As businesses recognize the value of proactive breach notification, the market is poised for sustained growth.

From a regional perspective, North America currently dominates the Data Breach Notification Services market, accounting for the largest share due to its mature regulatory environment and high incidence of data breaches. The region is characterized by a strong presence of leading service providers and early adopters of advanced notification solutions. Europe follows closely, driven by comprehensive data protection laws and growing enterprise awareness. Meanwhile, Asia Pacific is emerging as a high-growth region, propelled by rapid digitalization, expanding regulatory frameworks, and increasing investments in cybersecurity infrastructure. The market in Latin America and the Middle East & Africa is also witnessing steady growth as organizations in these regions recognize the importance of timely and compliant breach notification.

Service Type Analysis

The Data Breach Notification Services market is segmented by service type, with key categories including Consulting, Managed Services, Incident Response, Legal and Regulatory Compliance, and Others. Consulting services play a pivotal role in helping organizations assess their readiness for data breach incide

This dataset provides a view of the top various data breaches of 2023 around the world. It includes the Organization Name, sector, location, year, month, known records breached and the type of records that were compromised.

This is my first dataset, any feedback is greatly appreciated!

Data Breach Detection Market Outlook

According to our latest research, the global data breach detection market size reached USD 4.9 billion in 2024, with a robust compound annual growth rate (CAGR) of 18.2% anticipated from 2025 to 2033. By the end of 2033, the market is forecasted to attain a value of USD 25.7 billion. This remarkable growth trajectory is primarily fueled by the escalating sophistication and frequency of cyberattacks, the proliferation of digital transformation initiatives, and the tightening regulatory frameworks worldwide that mandate robust data security and breach notification protocols.

One of the most significant growth drivers for the data breach detection market is the surge in cyber threats targeting organizations of all sizes and across every industry vertical. The rise in ransomware, phishing, and advanced persistent threats (APTs) has compelled businesses to prioritize the implementation of advanced breach detection solutions. With attackers leveraging artificial intelligence and automation to evade traditional security measures, organizations are increasingly adopting next-generation data breach detection tools that offer real-time threat intelligence, behavioral analytics, and automated incident response. This heightened threat landscape has made breach detection not just a compliance requirement but a critical component of enterprise risk management strategies.

The rapid pace of digital transformation and the widespread adoption of cloud services have further amplified the need for robust data breach detection mechanisms. As businesses migrate sensitive workloads and data to the cloud, the attack surface expands, creating new vulnerabilities that traditional security controls may not adequately address. Enterprises are investing heavily in cloud-native breach detection solutions that provide continuous monitoring, anomaly detection, and automated response capabilities across hybrid and multi-cloud environments. Moreover, the integration of artificial intelligence and machine learning in breach detection tools is enabling faster and more accurate identification of sophisticated threats, significantly reducing the dwell time of attackers within enterprise networks.

Regulatory compliance is another powerful catalyst shaping the data breach detection market. Stringent data protection regulations such as the General Data Protection Regulation (GDPR) in Europe, the California Consumer Privacy Act (CCPA) in the United States, and similar frameworks in Asia Pacific and Latin America are compelling organizations to implement comprehensive breach detection and reporting mechanisms. Non-compliance can result in severe financial penalties and reputational damage, driving organizations to invest in solutions that ensure timely detection, reporting, and remediation of data breaches. As regulatory scrutiny intensifies and new legislations emerge, the demand for advanced breach detection solutions is expected to rise exponentially.

As the digital landscape evolves, organizations are increasingly turning to Perimeter Breach Analytics to bolster their security frameworks. This approach focuses on analyzing data at the network's edge, where initial breaches often occur, providing early detection of potential threats. By leveraging advanced analytics and machine learning, Perimeter Breach Analytics enables organizations to identify unusual patterns and behaviors that may indicate a breach attempt. This proactive stance not only enhances the ability to prevent unauthorized access but also supports compliance with stringent data protection regulations. As cyber threats become more sophisticated, the integration of Perimeter Breach Analytics into existing security strategies is becoming a critical component for organizations aiming to safeguard their digital assets.

From a regional perspective, North America continues to dominate the data breach detection market in 2024, accounting for over 42% of global revenues. This leadership is attributed to the regionÂ’s mature cybersecurity ecosystem, high incidence of data breaches, and proactive regulatory stance. However, Asia Pacific is emerging as the fastest-growing market, with a projected CAGR of 21.5% through 2033, driven by rapid digitalization, expanding cloud adoption, and increa