The average cost of a data breach in 2021 was sitting at $4.24 million US dollars. In 2022 this increased by 2.6% to $4.35 million US dollars according to data breach statistics. The average cost of data breaches for critical infrastructure has increased to $4.82 million US dollars.
The cyber security sector has come under increasing pressures to implement, update and maintain their cybersecurity measures that are in place in an environment of every increasing risk in cyberspace.
In this post we will look at the general data breach statistics for 2023.
2023 General Data Breach Statistics
- Approximately 817 breaches were reported in the US in the first half of 2022.
- 2021, out of the previous 17 years was the most costly in terms of data breaches being successful through phishing attacks.
- 19% of data breaches took place due to the compromise of a business partner.
- As per statistics gathered by the Pnemon Institute, 77% of companies are not prepared when it came to thwarting an attack.
- From 2013-2019 73% of cyber insurance claims were due to data breaches, incident response and crisis management.
- Cyber insurance claims related to data breaches sits at 27%. 24% of first party claims had an exclusion clause in their insurance package which resulted in them not getting a payout, or a partial one.
- Cyber insurance claims caused by data breaches, 71% of businsses had their loss that is covered by their policy. This is composed of payments being made up to 44% with such insured payments being retained at 27%.
- Healthcare institutions made up 90% that experienced at minimum 1 data breach in the last few years.
- 30% of data breaches happened to large hospitals which in turn exposed patients private health information.
- 69% of companies faced data breaches due to not having consistent cloud security configurations. (Click To Read More).
- Major reason for insurance claims in the IT and Telecommunications sector were either through malicious data breached which were 24% of claims, or 18% through accidental data breaches.
- In an insurance claim for a data breach the cost can be broken down as follows. 21% of the cost is forensic costs, cyber security defenses at 18%, 13% for legal consultations and cyber security experts, and lastly 14% for credit monitoring and theft monitoring services (Click To Read More).
- Over 83% of companies that were included in IBM's Data Breach Report have been involved in more than one breach.
- According to the statistics in IBM's report 60% of companies that had been breached, were a result of a price hike that had been passed on to clients.
- According to Verizon's 2022 report, 36% of all data breaches happened due to phishing (Click To Read More).
- Facebook Breaches in 2019 were a major cause of data leakages (Click To Read More).
- Those companies that have a fully deployed Cyber Security AI solution experienced on average a 74 day short time ot identify and contain a data breach compared to those with out a solution of 249 days vs 323 days.
- Usage of automation and Securit AI jumped by nearly 1/5th in 2 year from 2020 being at 59% and 2022 to 70%
- In 2022 around 19% of data breaches that occured arise in stolen or compromised credentials at an appoximate cost of 4.50 million USD.
- In 2021, stolen or compromised credentials were a top vector of attack for data breaches sitting at 21%.
- Healthcare organizations have seen an increase in data breaches since 2019 of 51%
- Negligent employees are the case of data breach threats in healthcare organizations of 61%
- There is a cost difference of around 27.6% when it comes to breaches in the hybrid cloud vs public cloud.
- The average time needed to identify and contain a breach dropped from 287 days in 2021 to 277 days in 2022. This is a drop of 10 days, or 3.5%
- In the 2020 Healthcare Cybersecurity report published by Herjavec Group, around 93% of healthcare organizations experienced a data breach in the previous 3 years. 57% of them had more than 5 breaches within that 3 year timeframe(Click Here To Read More)
- There was an increase of 58% in 2020 of breaches that had targeted the healthcare sector.
- Since 2020, data breaches in the healthcare sector increased by 42% having the highest breach costs for 12 years running.
- Since 2009, more than 2,100 health care related data breaches have been reported.
- 6% of pediatric hospitals reported they had experienced a data breach
- Authorized access or disclosure amounted to 34% of the data breaches experienced by healthcare organizations.
- Roughly 18% of teaching hospitals had a data breach.
- Hackers or various IT incidents are the cause of around 47% of data breaches in the health care sector
- A 48% decrease was seen in the US when it came to data breaches in the healthcare sector according to HIPPA (Click Here To Read More)
- Pfizer, an American Pharma company, accidentally leaked private data of its prescription drug users. This breach was due to unsecured cloud storage (Click Here To Read More).
- A massive data breach that affected over 1 million individuals in mid July 2022 was reported by OneTouchPoint (Click Here To Read More).
- Florida Based Boward Health reported a breach which affected 1.35 million people on January 2nd 2022.
- Baptist Meidical Center, a Tenet Healthcare Affiliate, suffered a cyber attack that affected 1.24 million individuals back on April 24th 2022.
- Farrer Park Hospital in Singapore had a breach between March 8th 2018 and October 25th 2019 (Click Here To Read More).
- The largest data breach in 2022 which affected over 2 million people happened to The Shields healthcare (Click Here To Read More).
- A data breach occurred at Texas Tech University Health Sciences Center due to a hacking incident which was reported on 7th of June 2022. This breach affected over 1.29 million people (Click Here To Read More).
- Healthcare, finance, energy, pharmaceuticals and education are highly regulated industries. On average,
- Business email compromise (BEC) had the 2nd highest average time to identify and contain such a breach sitting at 308 days.
- 45% of organizations said they had been breached in the cloud where as 55% said the breach had not taken place in the cloud.
- Some other common attack vectors for data breaches include cloud misconfiguration, sitting at 15%,
- About two thirds of people that are online have had their records stolen or compromised by malicious threat actors back in 2018.
- About three fourths of organizations that took part in this study said that they did have an incident recovery plan in place, sitting at 73%. 27% said they did not have such a plan in place in case of breaches.
- 63% of businesses that had an incident recovery plan in place said they tested this plan regularly. 27% said they did not test the plan regularly.
- Data breaches by threat actors increased steadily between 2013 until 2016.
- The most highly targeted secotr is the healthcare sector. Between 2013 until 2016, 2,248 breaches had occurred.
- Equifax, In September 2017, announced that they had been breached. This affected 148 million people. Some of the stolen data included names, home addresses, phone numbers, dates of birth, social security numbers as well as drivers license numbers (Click Here To Read More).
- In 2016 59% of all global data breaches were due to Identity theft which is the most common type of data breach incident.
- the US in 2019 had 1,473 reported data breaches which exposed 164.68 million records(Click Here To Read More).
- 38% of businesses feel like their security teams were sufficiently staff to meet their cyber security management needs while 62% said they were understaffed.
- Between 2013 and 2017 the US experienced 6,550 data breaches where as the UK only had 570 during that time period.
- In 2013 Myspace had a breach by an external malicious threat actor which resulted in access 360 million records.
- 780,000 records a day are lost to hacking.
- 330 million users were notified by Twitter of a glitch that stored passwords unmasked in an internal log. This made i
- A facial recognition company that has contracts with law enforcement agencies, Clearview AI, had its entire client list of over 3 billion photos stolen in February of 2020 (Click Here To Read More).
- In the 3rd quarter of 2019, 72.85% of global applications that were exploited, office applications were targeted.
- In May 2019, Canva suffered a massive data breach which impacted 137 million users. The data that was exposed included email addresses, names, usernames, cities and passwords which were stored as crypt hashes (Click Here To Read More).
- 71% of data breaches are financially motivated (Click Here To Read More).
- Public sector entities made up 16% of data breaches.
- Small Businesses were involved in 43% of data breaches.
- 63% of businesses that experienced a data breach are moving to implement biometric authentication.
- 39% of breaches were carried out by organized crime groups.
Leave a Reply