The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

As of January 2025, the most significant data privacy violation fine worldwide was for social media giant Meta. In May 2023, the Data Protection Commission (DPC) of Ireland decided to fine the company with 1.2 billion euros or 1.3 billion U.S. dollars. The Chinese vehicle-for rent company Didi Global ranked second. In July 2022, China's data privacy regulator fined the company 8.026 billion Chinese yuan, or 1.19 billion U.S. dollars. The 2021 Amazon fine issued by Luxembourg's data privacy regulation authorities was 877 million U.S. dollars and was the third-biggest data breach fine as of the measured month. The 2019 fine of 575 million U.S. dollars to Equifax followed. In this incident, because of unpatched vulnerabilities, nearly 150 million people were affected, which caused the American consumer credit reporting agency to pay at least 575 million U.S. dollars.

During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. Since the first quarter of 2020, the highest number of data records were exposed in the first quarter of 202, more than 818 million data sets. Data breaches remain among the biggest concerns of company leaders worldwide. The most common causes of sensitive information loss were operating system vulnerabilities on endpoint devices. Which industries see the most data breaches? Meanwhile, certain conditions make some industry sectors more prone to data breaches than others. According to the latest observations, the public administration experienced the highest number of data breaches between 2021 and 2022. The industry saw 495 reported data breach incidents with confirmed data loss. The second were financial institutions, with 421 data breach cases, followed by healthcare providers. Data breach cost Data breach incidents have various consequences, the most common impact being financial losses and business disruptions. As of 2023, the average data breach cost across businesses worldwide was 4.45 million U.S. dollars. Meanwhile, a leaked data record cost about 165 U.S. dollars. The United States saw the highest average breach cost globally, at 9.48 million U.S. dollars.

As of February 2024, the global average cost per data breach amounted to **** million U.S. dollars, an increase from **** million U.S. dollars in the previous year. The average cost of a data breach varied across sectors, with the highest average cost in the healthcare industry.

As of 2024, the average cost of a data breach in the United States amounted to 9.36 million U.S. dollars, down from 9.48 million U.S. dollars in the previous year. The global average cost per data breach was 4.88 million U.S. dollars in 2024. Cost of a data breach in different countries worldwide Data breaches impose a big threat for organizations globally. The monetary damage caused by data breaches has increased in many markets in the past decade. In 2023, Canada followed the U.S. by data breach costs, with an average of 5.13 million U.S. dollars. Since 2019, the average monetary damage caused by loss of sensitive information in Canada has increased notably. In the United Kingdom, the average cost of a data breach in 2024 amounted to around 4.53 million U.S. dollars, while in Germany it stood at 5.31 million U.S. dollars. The cost of data breach by industry and segment Data breach costs vary depending on the industry and segment. For the fourth consecutive year, the global healthcare sector registered the highest costs of data breach, which in 2024 amounted to about nine million U.S. dollars. Financial institutions ranked second, with an average cost of six million U.S. dollars for a data breach. Detection and escalation was the costliest segment in data breaches worldwide, with 1.63 U.S. dollars on average. The cost for lost business ranked second, while response following a breach came across as the third-costliest segment.

Customers' personal identifiable information was the most common type of data compromised in worldwide data breaches. 48 percent of compromised records fell into this category in 2024. The second-most breached kind of data was employee personal identifiable information, with around 37 percent of all breached records in the same year.

In 2024, numerous data breach incidents were disclosed, causing uncertainty among customers. Some of the incidents have refused to disclose the exact number of individuals impacted, so the impact in these cases is only estimated. The largest data breach is believed to have impacted every American, with around three billion records being breached. A UK-based pathology lab, Synnovis, saw a ransomware attack in July 2024, which impacted approximately 300 million patients.

Between 2008 and 2024, the most significant data breach in the financial industry worldwide was detected in 2019 in the United States at the First American Financial Corporation. This data breach caused the leakage of 885 million financial and personal records. The financial industry is one of the most targeted sectors by cyberattacks that lead to data breaches. However, cyber-attacks are not the only reason for a data breach. Sometimes data compromise occurs due to other reasons, such as system errors.

As of December 2024, the most significant data breach incident in the United States was the Yahoo data breach that dates back to 2013-2016. Impacting over three billion online users, this incident still remains one of the most significant data breaches worldwide. The second-biggest case was the January 2021 data breach at Microsoft, involving about 30 thousand companies in the United States and around 60 thousand companies around the world.

In 2024, the average cost of an industrial data breach reached its peak with an average of 5.56 million U.S. dollars, up from 4.73 million U.S. dollars in 2023. In comparison, the global average cost of a data breach across all studied industries was 4.88 million U.S. dollars.

In 2023, Russia ranked first in the world by data breach density. The number of breached e-mail accounts per thousand people in the country amounted to 542. The United States ranked second, with 285 user accounts, while Czechia followed, with 207 accounts. The data breach density in Denmark, Switzerland, and Italy was relatively lower.

In November 2023, around 11.5 million e-mail accounts of LinkedIn users were made available online, making it the most significant case of personal data compromise worldwide in 2023. This was followed by four Russian platforms, Chitai-gorod, Book24, Gloria Jeans, and SberSpasibo. As a result of these incidents, 20.2 million e-mail accounts were exposed.

According to a 2024 survey, 63 percent of companies worldwide planned to increase their cybersecurity investment following a data breach. This represents a 12-percent increase from the previous year.

As of 2024, the average cost per stolen record in data breaches worldwide amounted to 169 U.S. dollars, up from 165 dollars in the previous year. The average cost of a data breach worldwide was 4.88 million U.S. dollars.

Between March 2022 and February 2024, the highest average cost of a data breach, nearly 9.77million U.S. dollars, was detected in the healthcare industry. The financial sector ranked second, with 6.08 million U.S. dollars on average per breach. The global average data breach cost in the measured period was 4.88 million U.S. dollars. Data breaches in the public sector cost relatively low, an average of 2.55 million U.S. dollars during the measured period.

In 2024, the cost of a compromised record containing employees' personally identifiable information was 189 U.S. dollars, making it the highest-cost type of breached data record. The second-most expensive type of data record among the compromised data points was customers' personal identifiable information (PII), which cost 181 U.S. dollars.

Data breaches cost companies considerably less had they deployed security automation. In 2024, a data breach cost an organization that extensively used security automation 3.84 million U.S. dollars on average, compared to 5.72 million U.S. dollars on average for an organization with no such deployment.

In 2023, over three-thirds of respondents from the Americas region stated that their company perceived security breaches and data leaks as an important threat. This percentage was slightly lower for respondents from the the Asia-Pacific and EMEA regions.

In 2019, 45 percent of global data breaches featured hacking. Errors were the second-most popular cause with a 22 percent presence rate. The majority of data breaches were perpetrated by external actors.

In 2022, nearly 50 percent of respondents worldwide stated that their company experienced unplanned expenses to fix security gaps due to cloud attacks. By contrast, 32 percent of respondents reported no data breach consequence as a result of cloud attacks, while 15 percent of respondents registered decrease in new sales.