Overview This dataset is a comprehensive, easy-to-understand collection of cybersecurity incidents, threats, and vulnerabilities, designed to help both beginners and experts explore the world of digital security. It covers a wide range of modern cybersecurity challenges, from everyday web attacks to cutting-edge threats in artificial intelligence (AI), satellites, and quantum computing. Whether you're a student, a security professional, a researcher, or just curious about cybersecurity, this dataset offers a clear and structured way to learn about how cyber attacks happen, what they target, and how to defend against them.

With 14134 entries and 15 columns, this dataset provides detailed insights into 26 distinct cybersecurity domains, making it a valuable tool for understanding the evolving landscape of digital threats. It’s perfect for anyone looking to study cyber risks, develop strategies to protect systems, or build tools to detect and prevent attacks.

What’s in the Dataset? The dataset is organized into 16 columns that describe each cybersecurity incident or research scenario in detail:

ID: A unique number for each entry (e.g., 1, 2, 3). Title: A short, descriptive name of the attack or scenario (e.g., "Authentication Bypass via SQL Injection"). Category: The main cybersecurity area, like Mobile Security, Satellite Security, or AI Exploits. Attack Type: The specific kind of attack, such as SQL Injection, Cross-Site Scripting (XSS), or GPS Spoofing. Scenario Description: A plain-language explanation of how the attack works or what the scenario involves. Tools Used: Software or tools used to carry out or test the attack (e.g., Burp Suite, SQLMap, GNURadio). Attack Steps: A step-by-step breakdown of how the attack is performed, written clearly for all audiences. Target Type: The system or technology attacked, like web apps, satellites, or login forms. Vulnerability: The weakness that makes the attack possible (e.g., unfiltered user input or weak encryption). MITRE Technique: A code from the MITRE ATT&CK framework, linking the attack to a standard classification (e.g., T1190 for exploiting public-facing apps). Impact: What could happen if the attack succeeds, like data theft, system takeover, or financial loss. Detection Method: Ways to spot the attack, such as checking logs or monitoring unusual activity. Solution: Practical steps to prevent or fix the issue, like using secure coding or stronger encryption. Tags: Keywords to help search and categorize entries (e.g., SQLi, WebSecurity, SatelliteSpoofing). Source: Where the information comes from, like OWASP, MITRE ATT&CK, or Space-ISAC.

Cybersecurity Domains Covered The dataset organizes cybersecurity into 26 key areas:

AI / ML Security

AI Agents & LLM Exploits

AI Data Leakage & Privacy Risks

Automotive / Cyber-Physical Systems

Blockchain / Web3 Security

Blue Team (Defense & SOC)

Browser Security

Cloud Security

DevSecOps & CI/CD Security

Email & Messaging Protocol Exploits

Forensics & Incident Response

Insider Threats

IoT / Embedded Devices

Mobile Security

Network Security

Operating System Exploits

Physical / Hardware Attacks

Quantum Cryptography & Post-Quantum Threats

Red Team Operations

Satellite & Space Infrastructure Security

SCADA / ICS (Industrial Systems)

Supply Chain Attacks

Virtualization & Container Security

Web Application Security

Wireless Attacks

Zero-Day Research / Fuzzing

Why Is This Dataset Important? Cybersecurity is more critical than ever as our world relies on technology for everything from banking to space exploration. This dataset is a one-stop resource to understand:

What threats exist: From simple web attacks to complex satellite hacks. How attacks work: Clear explanations of how hackers exploit weaknesses. How to stay safe: Practical solutions to prevent or stop attacks. Future risks: Insight into emerging threats like AI manipulation or quantum attacks. It’s a bridge between technical details and real-world applications, making cybersecurity accessible to everyone.

Potential Uses This dataset can be used in many ways, whether you’re a beginner or an expert:

Learning and Education: Students can explore how cyber attacks work and how to defend against them. Threat Intelligence: Security teams can identify common attack patterns and prepare better defenses. Security Planning: Businesses and governments can use it to prioritize protection for critical systems like satellites or cloud infrastructure. Machine Learning: Data scientists can train models to detect threats or predict vulnerabilities. Incident Response Training: Practice responding to cyber incidents, from web hacks to satellite tampering.

Ethical Considerations Purpose: The dataset is for educational and research purposes only, to help improve cybersecurity knowledge and de...

The National Institute of Standards and Technology (NIST) provides a Cybersecurity Framework (CSF) for benchmarking and measuring the maturity level of cybersecurity programs across all industries. The City uses this framework and toolset to measure and report on its internal cybersecurity program. The foundation for this measure is the Framework Core, a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure/industry sectors. These activities come from the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) published standard, along with the information security and customer privacy controls it references (NIST 800 Series Special Publications). The Framework Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level. The Framework Core consists of five concurrent and continuous functions: identify, protect, detect, respond, and recover. When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. The Framework Core identifies underlying key categories and subcategories for each function, and matches them with example references, such as existing standards, guidelines, and practices for each subcategory. This page provides data for the Cybersecurity performance measure. Cybersecurity Framework cumulative score summary per fiscal year quarter (Performance Measure 5.12) The performance measure page is available at 5.12 Cybersecurity. Additional Information Source: Maturity assessment / https://www.nist.gov/topics/cybersecurityContact: Scott CampbellContact E-Mail: Scott_Campbell@tempe.govData Source Type: ExcelPreparation Method: The data is a summary of a detailed and confidential analysis of the city's cybersecurity program. Maturity scores of subcategories within NIST CFS are combined, averaged, and rolled up to a summary score for each major category.Publish Frequency: AnnualPublish Method: ManualData Dictionary

The foundation for this measure is the Framework Core, a set of cybersecurity activities, desired outcomes and applicable references that are common across critical infrastructure/industry sectors. These activities come from the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) published standard, along with the information security and customer privacy controls it references (NIST 800 Series Special Publications). The Framework Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level. The Framework Core consists of five concurrent and continuous functions – identify, protect, detect, respond, and recover. When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. The Framework Core identifies underlying key categories and subcategories for each function, and matches them with example references, such as existing standards, guidelines and practices for each subcategory. This page provides data for the Cybersecurity performance measure.Cybersecurity Framework (CSF) scores by each CSF category per fiscal year quarter (Performance Measure 5.12)The performance measure dashboard is available at 5.12 Cybersecurity.Additional InformationSource: Maturity assessment /https://www.nist.gov/topics/cybersecurityContact: Scott CampbellContact E-Mail: Scott_Campbell@tempe.govData Source Type: ExcelPreparation Method: The data is a summary of a detailed and confidential analysis of the city's cyber security program. Maturity scores of subcategories within NIST CFS are combined, averaged and rolled up to a summary score for each major category.Publish Frequency: Annual

Percentage of enterprises impacted by specific types of cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

man-in-the-middle (MITM)

Average spending on specific measures to prevent or detect cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

This dataset comprises 100,000 entries of synthesized cybersecurity incidents. It provides extensive details on various attack scenarios, target systems, and response measures. The data is structured across 15 columns, each capturing critical aspects of cybersecurity events, including:

Incident Details:

attack_type: Type of the cyberattack (e.g., DDoS, phishing, ransomware). target_system: Systems targeted during the attack. outcome: The result of the attack (e.g., success, failure). timestamp: Time of the attack occurrence. Attacker and Target Information:

attacker_ip: IP address of the attacker. target_ip: IP address of the target. Attack Metrics:

data_compromised_GB: Volume of data compromised in GB. attack_duration_min: Duration of the attack in minutes. attack_severity: Severity of the attack on a scale. Defense and Response:

security_tools_used: Security tools or defenses employed. response_time_min: Time taken to respond to the incident. mitigation_method: Method used to mitigate the attack. Contextual Information:

user_role: Role of the user or entity involved. location: Geographical location of the incident. industry: Industry targeted by the attack. This dataset is ideal for exploring patterns in cybersecurity incidents, evaluating the effectiveness of response strategies, and building predictive models to enhance security measures. Let me know if you'd like further analysis or visualization of the data!

Percentage of enterprises that use specific cyber security measures by the North American Industry Classification System (NAICS) and size of enterprise.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

The cloud security market is experiencing robust growth, projected to reach $15.21 billion in 2025 and maintain a Compound Annual Growth Rate (CAGR) of 18.07% from 2025 to 2033. This expansion is driven by several factors. The increasing adoption of cloud computing across various industries, coupled with heightened concerns about data breaches and cyberattacks, fuels significant demand for robust cloud security solutions. Organizations are prioritizing the protection of sensitive data and applications residing in cloud environments, leading to increased investments in Identity and Access Management (IAM), Data Loss Prevention (DLP), and Intrusion Detection/Prevention Systems (IDS/IPS). The rising complexity of cloud infrastructures and the emergence of new attack vectors further contribute to market growth. Further fueling this growth is the shift towards hybrid and multi-cloud deployments, demanding sophisticated security solutions capable of managing security across diverse environments. This diverse landscape creates opportunities for various vendors specializing in application, database, endpoint, network, and web/email security. While specific regional breakdowns are unavailable, North America is expected to maintain a substantial market share, given its advanced adoption of cloud technologies and stringent data privacy regulations. Asia Pacific is poised for significant growth, driven by increasing digitalization and cloud adoption across developing economies. The competitive landscape is highly dynamic, with major players like Trend Micro, Imperva, Broadcom, IBM, Cisco, Fortinet, Sophos, McAfee, Qualys, Check Point, and CSC vying for market share through continuous innovation and strategic acquisitions. The market is segmented by solution (IAM, DLP, IDS/IPS, SIEM, Encryption), security type (application, database, endpoint, network, web/email), and deployment mode (public, private, hybrid). Future growth will likely be shaped by advancements in Artificial Intelligence (AI) and Machine Learning (ML) for threat detection, the expansion of cloud-native security solutions, and the increasing demand for secure access service edge (SASE) architectures. Market restraints may include complexities in integrating cloud security solutions with existing on-premise systems and the skilled cybersecurity workforce shortage. However, the overall trajectory indicates continued substantial growth for the foreseeable future. Recent developments include: May 2023 - Fujitsu Limited and Microsoft Corporation announced a five-year partnership to significantly expand their existing collaboration. The agreement, which involved investment by companies to drive the expansion of Fujitsu's Uvance business, leverages the Microsoft Cloud and industry-leading technologies to digitally transform organizations around the globe, develop more sustainable practices and solutions that address societal needs, and unlock new streams of business growth., June 2022 - Cisco, the leader in corporate networking and security, announced its plan for a global, cloud-delivered, integrated platform that can secure and connect organizations of any size and shape. The Cisco Security Cloud is designed to be the most open platform in the industry, ensuring the integrity of the entire IT ecosystem without public cloud lock-in.. Key drivers for this market are: Growing Threats of Cyber Attacks is Expanding the Market. Potential restraints include: Growing Threats of Cyber Attacks is Expanding the Market. Notable trends are: Intrusion Detection and Prevention is the Fastest Growing Segment.

Cloud-based Database Security Market Outlook

As per our latest research, the global cloud-based database security market size reached USD 7.4 billion in 2024, reflecting robust demand across diverse industries. The market is poised to grow at a compelling CAGR of 17.2% from 2025 to 2033, with the market size forecasted to reach USD 25.7 billion by 2033. This strong growth trajectory is primarily driven by the increasing adoption of cloud infrastructure, the proliferation of data-centric business models, and escalating concerns over cyber threats targeting sensitive and mission-critical data.

A major growth factor for the cloud-based database security market is the exponential rise in cloud adoption across enterprises of all sizes. Organizations are migrating their workloads and databases to the cloud to leverage scalability, cost-efficiency, and agility. However, this migration has also amplified the exposure of databases to sophisticated cyberattacks, prompting a surge in demand for advanced cloud-based security solutions. The increasing frequency of data breaches, ransomware attacks, and compliance requirements such as GDPR, HIPAA, and CCPA have made database security a board-level priority. Consequently, businesses are investing in comprehensive security frameworks that encompass threat detection, access control, encryption, and compliance management, thereby fueling market growth.

Another significant driver is the rapid digital transformation initiatives undertaken by sectors such as BFSI, healthcare, retail, and government. The surge in digital transactions, electronic health records, and online retailing has led to an unprecedented volume of sensitive data being stored and processed in cloud databases. This data is a lucrative target for cybercriminals, necessitating robust security measures. Innovations in artificial intelligence (AI), machine learning (ML), and automation are being integrated into cloud-based database security solutions, enabling real-time threat intelligence, anomaly detection, and automated response mechanisms. These advancements are not only enhancing the efficacy of security protocols but also reducing manual intervention and operational costs.

Furthermore, the evolving regulatory landscape is compelling organizations to adopt cloud-based database security solutions. Governments and regulatory bodies worldwide are imposing stringent data protection laws, mandating businesses to implement advanced security controls and maintain audit trails. Non-compliance can result in hefty fines, reputational damage, and loss of customer trust. As a result, companies are increasingly opting for cloud-native security platforms that offer centralized visibility, automated compliance reporting, and seamless integration with existing IT infrastructure. The growing awareness about the shared responsibility model in cloud security is also encouraging enterprises to proactively secure their databases, driving sustained market expansion.

From a regional perspective, North America currently dominates the cloud-based database security market, accounting for the largest share in 2024, followed by Europe and Asia Pacific. The region's leadership is attributed to the high concentration of cloud service providers, early adoption of advanced technologies, and stringent regulatory frameworks. However, Asia Pacific is expected to exhibit the fastest growth during the forecast period, driven by rapid digitalization, expanding IT infrastructure, and increasing investments in cybersecurity. Latin America and the Middle East & Africa are also witnessing steady growth, fueled by rising awareness and government initiatives to bolster data security.

Component Analysis

The component segment of the cloud-based database security market is bifurcated into software and services. Software solutions encompass a wide array of security tools, including database activity monitoring, data encryption, access management, and vulnerability assessment.

Businesses who reported the number of times their business experienced cyber security incidents, by North American Industry Classification System (NAICS) and enterprise size.

Database Security Market size was valued at USD 7.87 USD Billion in 2024 and is projected to reach USD 27.02 USD Billion by 2032, growing at a CAGR of 18.40% during the forecast period 2026-2032.

Global Database Security Market Drivers

The market drivers for the Database Security Market can be influenced by various factors. These may include:

Protecting Your Digital Fort: The volume of data produced by companies is growing exponentially, hence strong database security solutions are more important than ever to safeguard private data from hacks and illegal access. Rising Cyber Threat Incidents: To protect their databases, companies are investing in sophisticated and more frequent cyberattacks and data breaches. Ensuring Data Security: Compliance requirements and regulations governing data protection, such GDPR, HIPAA, and PCI DSS, force businesses to put in place thorough database security plans in order to avoid heavy penalties and legal consequences. Adoption of Cloud Computing: The need for database security solutions is increasing as more people use cloud services and databases and need for stronger security measures to safeguard data kept in cloud environments. Big Data and IoT are Using More and More: The need for strong database security solutions is being driven by the huge volumes of data that big data analytics and IoT devices produce. Technological Advancements: Database security solutions are made more capable of identifying and reducing risks by the advancement of sophisticated security technologies like machine learning and artificial intelligence. Fortifying Data Fortresses: Organisational understanding of the value of data security and the possible repercussions of data breaches is growing, which promotes investment in database security solutions. Digital Transformation Initiatives: As businesses go through digital transformation, they start depending more on data-driven decision-making procedures, which makes good database security necessary to safeguard vital company data.

Market Summary of Database Security Market:

• The Global Database Security market size in 2023 was XX Million. The Database Security Industry's compound annual growth rate (CAGR) was XX% from 2024 to 2031. • The database security industry is growing faster and is expected to expand at a faster rate due to these strict regulatory frameworks. Also, the increase in advanced technology for better protection of data is driving the growth of the Database security market. • The dominating segment is the software. It includes encryption, auditing, tokenization, data masking, and access control management. • Due to the increase in internet users, remote working demand, and risk of data breaches, the COVID-19 pandemic has had a beneficial effect on the market for data security solutions. • The database security market is dominated by North America in terms of both revenue and market share. This can be attributed to the region's concentration of significant industry participants and increasing technical advancements in their product line.

Market Dynamics of Database Security Market:

Key Drivers of Database Security Market:

The Database Security Market is driven by the strict regulatory framework to address information security

Regulatory frameworks can establish standards that developers and users must follow to guarantee a secure database. The market is growing as a result of increasingly stringent regulations enforced globally to protect sensitive data by governments and other relevant authorities in numerous nations. Currently, rules for data localization are in place in most of the countries. These have significant effects on how businesses interact with local regulations as well as their IT footprints, data governance, and data architectures. The general goals of localization regulations are to stop cybercrimes (such as identity theft), boost local economies, and possibly most importantly address growing privacy concerns. The desire of firms to utilize data for their commercial advantage is often the most contentious topic, with different governments arriving at different judgments about how to balance it. Data must be processed and stored within a specific nation or region to comply with geographic constraints on data export. For each of these, businesses must build a unique infrastructure, set of computing resources, and teams. For Instance, two sets of standard contractual agreements were adopted by the European Commission, one was meant for use between controllers and processors, and the other was meant for the transfer of personal data to third parties. They ensure a high level of data privacy for citizens by reflecting new standards under the General Data Privacy Regulation (GDPR) and taking the Court of Justice's Schrems II ruling into consideration. These new tools will provide European firms with greater legal stability and aid SMEs in particular to maintain compliance with secure data transfer standards while enabling unrestricted cross-border data movement. (Source: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847) Furthermore, Federal Financial Institutions, the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI-DSS), Examination Council (FFIEC), etc are some strict regulatory measures for protection. So, the database security industry is growing faster and is expected to expand at a faster rate due to these strict regulatory frameworks.

Key Restraints of Database Security Market

Lack of skills and technological knowledge in database security market

Inadequate information security may lead to disruptions in socially significant activities, inability to do business appropriately and efficiently, and loss of personal integrity protection. Nevertheless, obstacles including unclear career routes, out-of-date education, expensive certifications, and high levels of job stress deter people from choosing cybersecurity as a vocation. For Instance, As of May 2023, there were 40,000 cybersecurity job openings in India; however, a significant lack of skilled workers prevented 30% of these positions from being filled, according to TeamLease Digital, a division of TeamLease Services. The need for cybersecurity experts has outpaced supply, making it difficult for many ...

Average spending on specific measures to recover from cyber security incidents by the North American Industry Classification System (NAICS) and size of enterprise.

Global Network Security and Cyber Risk Management Market growth is projected to reach USD $ Billion in 2025, at a $% CAGR by driving industry size, share, segments research, top company analysis, trends and forecast report 2025 to 2031.

In this document, comprehensive datasets are presented to advance research on information security breaches. The datasets include data on disclosed information security breaches affecting S&P500 companies between 2020 and 2023, collected through manual search of the Internet. Overall, the datasets include 504 companies, with detailed information security breach and financial data available for 97 firms that experienced a disclosed information security breach. This document will describe the datasets in detail, explain the data collection procedure and shows the initial versions of the datasets. Contact at Tilburg University Francesco Lelli Data files: 6 raw Microsoft Excel files (.xls) Supplemental material: Data_Publication_Package.pdf Detailed description of the data has been released in the following preprint: [Preprint in progress] Structure data package The folder contains the 6 .xls documents, the data publication package. Link to the preprint describing the dataset is in the description of the dataset itself. The six .xls documents are also present in their preferred file format csv (see Notes for further explanation). Production date: 01-2024---- 05-2024 Method: Data on information security breaches through manual search of the Internet, financial data through Refinitiv (LSEG). (Approval obtained from Refinitiv to publish these data) Universe: S&P500 companies Country / Nation: USA

Description

The datasets demonstrate the malware economy and the value chain published in our paper, Malware Finances and Operations: a Data-Driven Study of the Value Chain for Infections and Compromised Access, at the 12th International Workshop on Cyber Crime (IWCC 2023), part of the ARES Conference, published by the International Conference Proceedings Series of the ACM ICPS.

Using the well-documented scripts, it is straightforward to reproduce our findings. It takes an estimated 1 hour of human time and 3 hours of computing time to duplicate our key findings from MalwareInfectionSet; around one hour with VictimAccessSet; and minutes to replicate the price calculations using AccountAccessSet. See the included README.md files and Python scripts.

We choose to represent each victim by a single JavaScript Object Notation (JSON) data file. Data sources provide sets of victim JSON data files from which we've extracted the essential information and omitted Personally Identifiable Information (PII). We collected, curated, and modelled three datasets, which we publish under the Creative Commons Attribution 4.0 International License.

1. MalwareInfectionSet We discover (and, to the best of our knowledge, document scientifically for the first time) that malware networks appear to dump their data collections online. We collected these infostealer malware logs available for free. We utilise 245 malware log dumps from 2019 and 2020 originating from 14 malware networks. The dataset contains 1.8 million victim files, with a dataset size of 15 GB.

2. VictimAccessSet We demonstrate how Infostealer malware networks sell access to infected victims. Genesis Market focuses on user-friendliness and continuous supply of compromised data. Marketplace listings include everything necessary to gain access to the victim's online accounts, including passwords and usernames, but also detailed collection of information which provides a clone of the victim's browser session. Indeed, Genesis Market simplifies the import of compromised victim authentication data into a web browser session. We measure the prices on Genesis Market and how compromised device prices are determined. We crawled the website between April 2019 and May 2022, collecting the web pages offering the resources for sale. The dataset contains 0.5 million victim files, with a dataset size of 3.5 GB.

3. AccountAccessSet The Database marketplace operates inside the anonymous Tor network. Vendors offer their goods for sale, and customers can purchase them with Bitcoins. The marketplace sells online accounts, such as PayPal and Spotify, as well as private datasets, such as driver's licence photographs and tax forms. We then collect data from Database Market, where vendors sell online credentials, and investigate similarly. To build our dataset, we crawled the website between November 2021 and June 2022, collecting the web pages offering the credentials for sale. The dataset contains 33,896 victim files, with a dataset size of 400 MB.

Credits Authors

Billy Bob Brumley (Tampere University, Tampere, Finland)

Juha Nurmi (Tampere University, Tampere, Finland)

Mikko Niemelä (Cyber Intelligence House, Singapore)

Funding

This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme under project numbers 804476 (SCARE) and 952622 (SPIRS).

Alternative links to download: AccountAccessSet, MalwareInfectionSet, and VictimAccessSet.

The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

Percentage of enterprises that reported cyber security incidents to a police service by the North American Industry Classification System (NAICS) and size of enterprise.