Data Breach Statistics: Breaches, ATO, Ransomware & Fraud

Data Breach Statistics: Breaches, ATO, Ransomware & Fraud

Are you curious about the current state of data breaches? Then look no further.

We’ve curated and categorized a list of up-to-date stats below.

Top data breach statistics

  1. 30% of attacks exploited valid accounts to gain initial access, this represents the most common entry point used by cybercriminals. (IBM)
  2. Ransomware payments exceeded $1 billion in 2023. (Chainalysis)
  3. Leveraging infostealer malware, cybercriminals steal an average of 50.9 login credentials per infected device. (Kaspersky)
  4. 68% of breaches involved the human element. (Verizon)
  5. In 17% of breaches, more than one threat actor is operating in the target environment. (Mandiant)

Account Takeover Statistics

  1. The number of ATO attacks jumped by 354% in 2023. (Sift)
  2. 30% of attacks exploited valid accounts to gain initial access, this represents the most common entry point used by cybercriminals. (IBM)
  3. 67% of ATO victims’ data was used for unauthorized purchases. (Sift)
  4. Account takeover fraud caused nearly $13 billion in losses in 2023. (AARP)
  5. 29% of people have experienced an account takeover. (security.org)
  6. Only 43% of ATO victims were notified by the company that their information had been compromised (Sift)

Ransomware Statistics

  1. Ransomware payments exceeded $1 billion in 2023. (Chainalysis)
  2. The average cost of a ransomware attack is USD 5.13 million. (IBM)
  3. Organizations that didn’t involve law enforcement paid 9.6% more and experienced a 33-day longer breach lifecycle. (IBM)
  4. Only 33% of breaches were identified by internal teams or tools. (IBM)
  5. 40% of breaches were identified by a benign third party. (IBM)
  6. 27% of breaches were disclosed by the ransomware threat actor. (IBM)
  7. Ransomware attacks disclosed by the attacker cost 19.5% more than the average cost of breaches identified by an internal team or tool. (IBM)
  8. Organizations that have automated response workflows designed specifically for ransomware attacks contain the incident in 16% fewer days than organizations without. (IBM)
  9. 32% of all breaches leverage ransomware or similar extortion techniques. (Verizon)
  10. Healthcare and Public Health are the most targeted critical infrastructure sector. (FBI)

Malware Statistics

  1. Malware deployment was the most common action taken by threat actors on victim networks, occurring in 43% of all reported incidents. (IBM)
  2. Leveraging infostealer malware, cybercriminals steal an average of 50.9 login credentials per infected device. (Kaspersky)
  3. The price for monthly access to a stealer command and control (C2) server ranges from $50 to over $1,000 USD. (Secureworks)
  4. The top 3 major malware families are RedLine, Raccoon, and Vidar. (GridinSoft)
  5. The first modern infostealer was Zeus which dates back to 2007 and was used to steal online banking credentials. (NordVPN)
  6. 61% of breaches were infostealer-malware related. (SpyCloud)

Data Breach Statistics

  1. There were 3,205 breaches in 2023, affecting over 353 million victims. (ITRC)
  2. 82% of breaches involve data stored in the cloud including public, private, and multiple environments. (IBM)
  3. Breaches that took less than 200 days to recover from cost on average USD 1.02 million less than those over 200 days. (IBM)
  4. The average dwell time for intrusions detected by an external third-party is 13 days. (Mandiant)
  5. The average dwell time for intrusions detected internally was only nine days. (Mandiant)
  6. The average cost of a data breach is USD 4.45 million. (IBM)
  7. The average cost per record involved in a data breach was USD 165. (IBM)
  8. Exploiting stolen or compromised credentials is the most common initial attack vector and is responsible for 16% of breaches. (IBM)
  9. Credential theft is the top action performed during a breach, accounting for 24% of all breaches. (Verizon)
  10. 32% of incidents leveraged legitimate tools or “Living Off the Land” techniques for malicious purposes. (IBM)
  11. The biggest impact of a data breach to an organization was data theft, making up 32% of incidents. (IBM)
  12. 68% of breaches involved the human element. (Verizon)
  13. 36% of intrusions are financially motivated. (Mandiant)
  14. In 17% of breaches, more than one threat actor is operating in the target environment. (Mandiant)

Business Email Compromise (BEC) Statistics:

  1. The median transaction for a BEC attack was around $50,000 (Verizon)
  2. BEC was the initial access vector in 9% of breaches. (IBM)
  3. In 2023, the IC3 received 21,489 BEC complaints with adjusted losses of over USD 2.9 billion. (FBI)
  4. In half the cases law enforcement was involved, they were able to recoup 79% of losses in BEC fraud. (FBI)
  5. Business email compromise losses have increased by more than 65% since 2019. (TheSSLStore)
  6. 99% of threats observed in corporate inboxes are response-based or credential theft attacks. (Fortra)

Identity Theft Statistics

  1. Americans lost a total of USD 43 billion to identity fraud in 2023. (AARP)
  2. The FTC received 2.6 million fraud reports in 2023. (FTC)
  3. In 2023, the IC3 received 19,778 identity theft complains with adjusted losses of over USD 126 billion. (FBI)
  4. Credit card fraud accounts for 40.2% of all identity theft cases. (FTC)
  5. Synthetic fraud (using PII to commit fraud) has seen a 38% YoY rise over the last two years, leading to losses of over USD 1.8 billion. (TransUnion)
  6. Attempted fraud transactions have jumped by 92%, while the total amounts involved in these attempts have increased by 146%. (NICE)
  7. In the past two years, 37% of consumers have been victims of someone using their identity to open a new account. (Aite-Novarica)
  8. New accounts are 9.5 times riskier than mature accounts. (NICE)
  9. 59% of new account fraud is mule related and will demonstrate mule characteristics within 45 days. (NICE)

Vulnerability Statistics

  1. In 2023, there was a 72% drop in the number of zero days compared to 2022 with only 172 new zero-day vulnerabilities. (IBM)
  2. The most common vulnerability exploited in 2023 was CVE-2023-34362, a SQL injection vulnerability in MOVEit Transfer. (Mandiant)
  3. Zero-day vulnerabilities make up only 3% of the vulnerability attack surface. (IBM)
  4. 29% of incidents exploited a vulnerability in a public-facing application. (IBM)
  5. 21% of the most common web application security risks were identification and authentication related issues. (IBM)

Related Articles