Are you curious about the current state of data breaches? Then look no further.
We’ve curated and categorized a list of up-to-date stats below.
Top data breach statistics
- 30% of attacks exploited valid accounts to gain initial access, this represents the most common entry point used by cybercriminals. (IBM)
- Ransomware payments exceeded $1 billion in 2023. (Chainalysis)
- Leveraging infostealer malware, cybercriminals steal an average of 50.9 login credentials per infected device. (Kaspersky)
- 68% of breaches involved the human element. (Verizon)
- In 17% of breaches, more than one threat actor is operating in the target environment. (Mandiant)
Account Takeover Statistics
- The number of ATO attacks jumped by 354% in 2023. (Sift)
- 30% of attacks exploited valid accounts to gain initial access, this represents the most common entry point used by cybercriminals. (IBM)
- 67% of ATO victims’ data was used for unauthorized purchases. (Sift)
- Account takeover fraud caused nearly $13 billion in losses in 2023. (AARP)
- 29% of people have experienced an account takeover. (security.org)
- Only 43% of ATO victims were notified by the company that their information had been compromised (Sift)
Ransomware Statistics
- Ransomware payments exceeded $1 billion in 2023. (Chainalysis)
- The average cost of a ransomware attack is USD 5.13 million. (IBM)
- Organizations that didn’t involve law enforcement paid 9.6% more and experienced a 33-day longer breach lifecycle. (IBM)
- Only 33% of breaches were identified by internal teams or tools. (IBM)
- 40% of breaches were identified by a benign third party. (IBM)
- 27% of breaches were disclosed by the ransomware threat actor. (IBM)
- Ransomware attacks disclosed by the attacker cost 19.5% more than the average cost of breaches identified by an internal team or tool. (IBM)
- Organizations that have automated response workflows designed specifically for ransomware attacks contain the incident in 16% fewer days than organizations without. (IBM)
- 32% of all breaches leverage ransomware or similar extortion techniques. (Verizon)
- Healthcare and Public Health are the most targeted critical infrastructure sector. (FBI)
Malware Statistics
- Malware deployment was the most common action taken by threat actors on victim networks, occurring in 43% of all reported incidents. (IBM)
- Leveraging infostealer malware, cybercriminals steal an average of 50.9 login credentials per infected device. (Kaspersky)
- The price for monthly access to a stealer command and control (C2) server ranges from $50 to over $1,000 USD. (Secureworks)
- The top 3 major malware families are RedLine, Raccoon, and Vidar. (GridinSoft)
- The first modern infostealer was Zeus which dates back to 2007 and was used to steal online banking credentials. (NordVPN)
- 61% of breaches were infostealer-malware related. (SpyCloud)
Data Breach Statistics
- There were 3,205 breaches in 2023, affecting over 353 million victims. (ITRC)
- 82% of breaches involve data stored in the cloud including public, private, and multiple environments. (IBM)
- Breaches that took less than 200 days to recover from cost on average USD 1.02 million less than those over 200 days. (IBM)
- The average dwell time for intrusions detected by an external third-party is 13 days. (Mandiant)
- The average dwell time for intrusions detected internally was only nine days. (Mandiant)
- The average cost of a data breach is USD 4.45 million. (IBM)
- The average cost per record involved in a data breach was USD 165. (IBM)
- Exploiting stolen or compromised credentials is the most common initial attack vector and is responsible for 16% of breaches. (IBM)
- Credential theft is the top action performed during a breach, accounting for 24% of all breaches. (Verizon)
- 32% of incidents leveraged legitimate tools or “Living Off the Land” techniques for malicious purposes. (IBM)
- The biggest impact of a data breach to an organization was data theft, making up 32% of incidents. (IBM)
- 68% of breaches involved the human element. (Verizon)
- 36% of intrusions are financially motivated. (Mandiant)
- In 17% of breaches, more than one threat actor is operating in the target environment. (Mandiant)
Business Email Compromise (BEC) Statistics:
- The median transaction for a BEC attack was around $50,000 (Verizon)
- BEC was the initial access vector in 9% of breaches. (IBM)
- In 2023, the IC3 received 21,489 BEC complaints with adjusted losses of over USD 2.9 billion. (FBI)
- In half the cases law enforcement was involved, they were able to recoup 79% of losses in BEC fraud. (FBI)
- Business email compromise losses have increased by more than 65% since 2019. (TheSSLStore)
- 99% of threats observed in corporate inboxes are response-based or credential theft attacks. (Fortra)
Identity Theft Statistics
- Americans lost a total of USD 43 billion to identity fraud in 2023. (AARP)
- The FTC received 2.6 million fraud reports in 2023. (FTC)
- In 2023, the IC3 received 19,778 identity theft complains with adjusted losses of over USD 126 billion. (FBI)
- Credit card fraud accounts for 40.2% of all identity theft cases. (FTC)
- Synthetic fraud (using PII to commit fraud) has seen a 38% YoY rise over the last two years, leading to losses of over USD 1.8 billion. (TransUnion)
- Attempted fraud transactions have jumped by 92%, while the total amounts involved in these attempts have increased by 146%. (NICE)
- In the past two years, 37% of consumers have been victims of someone using their identity to open a new account. (Aite-Novarica)
- New accounts are 9.5 times riskier than mature accounts. (NICE)
- 59% of new account fraud is mule related and will demonstrate mule characteristics within 45 days. (NICE)
Vulnerability Statistics
- In 2023, there was a 72% drop in the number of zero days compared to 2022 with only 172 new zero-day vulnerabilities. (IBM)
- The most common vulnerability exploited in 2023 was CVE-2023-34362, a SQL injection vulnerability in MOVEit Transfer. (Mandiant)
- Zero-day vulnerabilities make up only 3% of the vulnerability attack surface. (IBM)
- 29% of incidents exploited a vulnerability in a public-facing application. (IBM)
- 21% of the most common web application security risks were identification and authentication related issues. (IBM)