GITNUXREPORT 2026

Cyber Crime Statistics

Cyber crime cost over $12 billion in damages last year alone.

Sarah Mitchell

Senior Researcher specializing in consumer behavior and market trends.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Statistic 1

In 2023, over 300 million personal records were exposed in data breaches worldwide per Surfshark.

Statistic 2

MOVEit breach in 2023 affected 62 million individuals per HHS.

Statistic 3

Change Healthcare breach exposed 1/3 of Americans' health data in 2024 per HHS.

Statistic 4

Equifax breach in 2017 exposed 147 million SSNs per FTC.

Statistic 5

Yahoo's 2013 breach affected 3 billion accounts per SEC filing.

Statistic 6

Marriott Starwood breach 2018-2020 exposed 383 million guest records per company notice.

Statistic 7

Capital One breach 2019 affected 106 million customers per AWS announcement.

Statistic 8

Twitter (X) breach 2022 exposed 200 million email addresses per Have I Been Pwned.

Statistic 9

Optus Australia breach 2022 leaked 10 million customer records per OAIC.

Statistic 10

Uber breach 2022 exposed 57 million user data per company blog.

Statistic 11

LinkedIn scraped 700 million user data in 2021 per Cybernews.

Statistic 12

T-Mobile 2021 breach affected 54 million customers per FCC fine.

Statistic 13

Sony Pictures 2014 breach leaked 47,000 SSNs and emails per FBI.

Statistic 14

Anthem breach 2015 exposed 78.8 million health records per HHS.

Statistic 15

eBay 2014 breach compromised 145 million user credentials per company.

Statistic 16

Adobe 2013 breach leaked 153 million user records per Krebs.

Statistic 17

LastPass 2022 breach exposed encrypted vaults of 30 million users per company.

Statistic 18

Snowflake breaches 2024 affected 165 organizations with millions of records per Mandiant.

Statistic 19

MGM Resorts 2024 breach cost $100 million and exposed guest data per SEC filing.

Statistic 20

Ascension Health 2024 ransomware breach disrupted services for millions per HHS.

Statistic 21

CrowdStrike outage 2024 not a breach but affected 8.5 million devices per company.

Statistic 22

AT&T 2024 breach leaked 109 million call records per company notice.

Statistic 23

National Public Data breach 2024 exposed 2.9 billion records per ClassAction.org.

Statistic 24

Change Healthcare 2024 breach impacted 190 million claims per UnitedHealth.

Statistic 25

Verizon DBIR 2024 notes 68% of breaches involve human element per Verizon.

Statistic 26

5,200 data breaches reported in US 2023 per ITRC.

Statistic 27

Healthcare sector saw 540 major breaches in 2023 exposing 113 million records per HHS.

Statistic 28

Retail breaches averaged 15 million records exposed per incident in 2023 per IBM.

Statistic 29

Global DDoS attacks surged 118% to 9.5 million in 2023 per Cloudflare.

Statistic 30

Cyber attacks on IoT devices up 107% in 2023 per SonicWall.

Statistic 31

AI-powered cyber attacks increased 50% in 2023 per Darktrace.

Statistic 32

Deepfake incidents rose 550% in 2023 per Sumsub.

Statistic 33

Supply chain attacks up 42% in 2023 per ENISA.

Statistic 34

Zero-day exploits used in 25% of attacks per Google TAG.

Statistic 35

Cryptocurrency thefts totaled $3.7 billion in 2023 per Chainalysis.

Statistic 36

Nation-state attacks doubled to 40 per Mandiant M-Trends 2024.

Statistic 37

Mobile malware samples hit 12.7 million in 2023 per Kaspersky.

Statistic 38

OT/ICS attacks up 50% in 2023 per Dragos.

Statistic 39

Cloud misconfigurations caused 20% of breaches per Palo Alto.

Statistic 40

Generative AI misuse in attacks up 300% per CrowdStrike.

Statistic 41

75% of orgs expect AI to change cyber threats per Gartner.

Statistic 42

Infostealer malware infections 300 million in 2023 per SpyCloud.

Statistic 43

Quantum computing threats to encryption by 2030 per NIST.

Statistic 44

5G networks saw 15% attack increase per GSMA.

Statistic 45

Ransomware-as-a-Service groups grew to 150 in 2023 per SOCRadar.

Statistic 46

Insider threats up 44% in 2023 per Gartner.

Statistic 47

Cyber espionage campaigns 30% rise per Microsoft.

Statistic 48

Edge computing attacks projected 2x by 2025 per IDC.

Statistic 49

In 2023, the FBI's Internet Crime Complaint Center (IC3) received 880,418 complaints of cyber crime with total reported losses exceeding $12.5 billion USD.

Statistic 50

Business Email Compromise (BEC) scams caused $2.9 billion in losses in 2023 according to the FBI IC3 report.

Statistic 51

Investment fraud complaints rose to 69,000 in 2023 with losses of $4.57 billion as per FBI IC3 data.

Statistic 52

Cryptocurrency investment scams led to $4.57 billion in losses from 69,000 complaints in 2023 per FBI.

Statistic 53

Elder fraud complaints totaled 101,066 in 2023 with $3.4 billion losses reported to IC3.

Statistic 54

Global cybercrime costs are projected to reach $10.5 trillion annually by 2025 according to Cybersecurity Ventures.

Statistic 55

Ransomware damage costs are expected to hit $265 billion annually by 2031 per Cybersecurity Ventures.

Statistic 56

Average cost of a data breach in 2023 was $4.45 million according to IBM Cost of a Data Breach Report.

Statistic 57

Phishing attacks cost businesses an average of $4.91 million per incident in 2023 per Proofpoint.

Statistic 58

BEC attacks resulted in $43 billion global losses from 2016 to 2021 per FBI estimates.

Statistic 59

Tech support scams caused $862 million in losses in 2022 per FBI IC3.

Statistic 60

Romance scams led to $1.3 billion in losses from 70,000+ complaints in 2022 FBI data.

Statistic 61

Global cyber fraud losses reached $6 trillion in 2021 per Nilson Report.

Statistic 62

Average ransomware payment in 2023 was $1.54 million per Coveware report.

Statistic 63

U.S. businesses lost $5.1 billion to cybercrime in 2022 per Statista.

Statistic 64

Online shopping fraud losses hit $48 billion globally in 2023 per Juniper Research.

Statistic 65

Wire transfer fraud caused $1.8 billion losses in 2023 FBI IC3.

Statistic 66

Credit card fraud losses worldwide were $33 billion in 2022 per Nilson.

Statistic 67

Corporate account takeover losses averaged $140,000 per incident per FBI.

Statistic 68

Global cost of cybercrime expected to be $8 trillion in 2023 per Cybersecurity Ventures.

Statistic 69

Smishing attacks cost $1.5 million average per organization in 2023 per Proofpoint.

Statistic 70

Check fraud losses reached $20 billion in 2023 per ABA.

Statistic 71

Insurance claims for cyber incidents cost $2.5 billion in 2022 per Munich Re.

Statistic 72

Dark web data sales generated $1.5 billion revenue in 2023 per Recorded Future.

Statistic 73

Vishing scams led to $300 million losses in 2023 per FTC.

Statistic 74

Global ATM jackpotting fraud losses $50 million in 2022 per ATMIA.

Statistic 75

Payroll diversion fraud cost $250 million in 2023 per FBI.

Statistic 76

Cryptojacking revenue reached $2 billion in 2023 per Chainalysis.

Statistic 77

Merchant POS fraud losses $10 billion annually per LexisNexis.

Statistic 78

Average BEC loss per victim $120,000 in 2023 per FBI IC3.

Statistic 79

Phishing emails rose 58% to 3.4 billion in 2023 per APWG.

Statistic 80

300,000 phishing sites detected daily in 2023 per APWG.

Statistic 81

Smishing attacks up 47% in 2023 to 1.6 million per Zimperium.

Statistic 82

84% of orgs faced phishing in 2023 per Proofpoint.

Statistic 83

BEC phishing caused 21,439 complaints with $2.9B losses in 2023 FBI.

Statistic 84

Vishing incidents up 168% in 2023 per Group-IB.

Statistic 85

90% of data breaches start with phishing per Verizon DBIR 2024.

Statistic 86

Microsoft detected 2.3 billion phishing attempts daily in 2023 per DART.

Statistic 87

Spear-phishing success rate 71% vs 5% generic per Proofpoint.

Statistic 88

QR code phishing (quishing) up 51% in 2023 per KnowBe4.

Statistic 89

1 in 5 users click phishing links per Google.

Statistic 90

Malicious SMS messages hit 12 billion in 2023 per GlobalSign.

Statistic 91

36% of BEC attacks via phone per FBI 2023.

Statistic 92

Phishing kits sold on dark web for $50 average per Recorded Future.

Statistic 93

4.7 million phishing-related complaints to IC3 in 2023 per FBI.

Statistic 94

Evilginx2 phishing framework used in 40% attacks per Netcraft.

Statistic 95

Brand impersonation in phishing up 59% in 2023 per Proofpoint.

Statistic 96

98% of attacks rely on phishing per Egress.

Statistic 97

Average phishing email click time 1 minute per KnowBe4.

Statistic 98

79% of orgs hit by credential phishing in 2023 per Verizon.

Statistic 99

WhatsApp phishing scams up 280% in 2023 per Kaspersky.

Statistic 100

1.2 billion login credentials exposed via phishing in 2023 per SpyCloud.

Statistic 101

AI-generated phishing emails up 1,265% in 2023 per SlashNext.

Statistic 102

Ransomware groups claimed 2,000 victims in 2023 per SOCRadar.

Statistic 103

LockBit claimed 2,539 victims in 2023 per Group-IB.

Statistic 104

Conti ransomware disbanded after infecting 1,773 organizations per Elliptic.

Statistic 105

Cl0p exploited MOVEit vulnerability affecting 1,000+ orgs in 2023 per CISA.

Statistic 106

ALPHV/BlackCat extorted $300 million before FBI disruption in 2024 per DOJ.

Statistic 107

Akira ransomware hit 123 victims in Q1 2024 per Emsisoft.

Statistic 108

LockBit 3.0 used in 62% of ransomware attacks in 2023 per Sophos.

Statistic 109

Medusa ransomware emerged in 2023 claiming 60+ high-profile victims per Cyble.

Statistic 110

Rhysida hit 100+ orgs including hospitals in 2023 per CISA.

Statistic 111

Hive ransomware disrupted by FBI affecting 1,500+ victims per DOJ.

Statistic 112

REvil shut down after 400+ attacks costing $200 million per Chainalysis.

Statistic 113

DarkSide Colonial Pipeline attack 2021 led to $4.4 million ransom payment per DOJ.

Statistic 114

JBS meatpacking 2021 paid $11 million ransom after attack per company.

Statistic 115

Ireland HSE health service 2021 Conti attack disrupted services for weeks per HIQA.

Statistic 116

Costa Rica government 2022 Conti siege led to state of emergency per Reuters.

Statistic 117

Change Healthcare 2024 ALPHV attack disrupted US prescriptions per HHS.

Statistic 118

French hospital 2021 Ryuk attack caused patient death per Le Monde.

Statistic 119

Universal Health Services 2020 Ryuk hit 400 facilities per company.

Statistic 120

Ascension 2024 ransomware disrupted 140 hospitals per Becker's.

Statistic 121

CDK Global 2024 attack crippled 15,000 car dealers per Reuters.

Statistic 122

236.1 million ransomware attacks in 2022 per Check Point.

Statistic 123

Q3 2023 saw 140 new ransomware groups per Cyble.

Statistic 124

66% of orgs hit by ransomware in 2023 paid per Sophos.

1/124

Sources

Trusted by 500+ publications

+497

While the world was sleeping, cybercriminals quietly stole over $12.5 billion last year alone, a staggering toll revealed by the FBI's latest report that exposes the alarming scale and sophistication of modern digital crime.

Key Takeaways

In 2023, the FBI's Internet Crime Complaint Center (IC3) received 880,418 complaints of cyber crime with total reported losses exceeding $12.5 billion USD.
Business Email Compromise (BEC) scams caused $2.9 billion in losses in 2023 according to the FBI IC3 report.
Investment fraud complaints rose to 69,000 in 2023 with losses of $4.57 billion as per FBI IC3 data.
In 2023, over 300 million personal records were exposed in data breaches worldwide per Surfshark.
MOVEit breach in 2023 affected 62 million individuals per HHS.
Change Healthcare breach exposed 1/3 of Americans' health data in 2024 per HHS.
Ransomware groups claimed 2,000 victims in 2023 per SOCRadar.
LockBit claimed 2,539 victims in 2023 per Group-IB.
Conti ransomware disbanded after infecting 1,773 organizations per Elliptic.
Phishing emails rose 58% to 3.4 billion in 2023 per APWG.
300,000 phishing sites detected daily in 2023 per APWG.
Smishing attacks up 47% in 2023 to 1.6 million per Zimperium.
Global DDoS attacks surged 118% to 9.5 million in 2023 per Cloudflare.
Cyber attacks on IoT devices up 107% in 2023 per SonicWall.
AI-powered cyber attacks increased 50% in 2023 per Darktrace.

Cyber crime cost over $12 billion in damages last year alone.

Data Breaches

In 2023, over 300 million personal records were exposed in data breaches worldwide per Surfshark.
MOVEit breach in 2023 affected 62 million individuals per HHS.
Change Healthcare breach exposed 1/3 of Americans' health data in 2024 per HHS.
Equifax breach in 2017 exposed 147 million SSNs per FTC.
Yahoo's 2013 breach affected 3 billion accounts per SEC filing.
Marriott Starwood breach 2018-2020 exposed 383 million guest records per company notice.
Capital One breach 2019 affected 106 million customers per AWS announcement.
Twitter (X) breach 2022 exposed 200 million email addresses per Have I Been Pwned.
Optus Australia breach 2022 leaked 10 million customer records per OAIC.
Uber breach 2022 exposed 57 million user data per company blog.
LinkedIn scraped 700 million user data in 2021 per Cybernews.
T-Mobile 2021 breach affected 54 million customers per FCC fine.
Sony Pictures 2014 breach leaked 47,000 SSNs and emails per FBI.
Anthem breach 2015 exposed 78.8 million health records per HHS.
eBay 2014 breach compromised 145 million user credentials per company.
Adobe 2013 breach leaked 153 million user records per Krebs.
LastPass 2022 breach exposed encrypted vaults of 30 million users per company.
Snowflake breaches 2024 affected 165 organizations with millions of records per Mandiant.
MGM Resorts 2024 breach cost $100 million and exposed guest data per SEC filing.
Ascension Health 2024 ransomware breach disrupted services for millions per HHS.
CrowdStrike outage 2024 not a breach but affected 8.5 million devices per company.
AT&T 2024 breach leaked 109 million call records per company notice.
National Public Data breach 2024 exposed 2.9 billion records per ClassAction.org.
Change Healthcare 2024 breach impacted 190 million claims per UnitedHealth.
Verizon DBIR 2024 notes 68% of breaches involve human element per Verizon.
5,200 data breaches reported in US 2023 per ITRC.
Healthcare sector saw 540 major breaches in 2023 exposing 113 million records per HHS.
Retail breaches averaged 15 million records exposed per incident in 2023 per IBM.

Data Breaches Interpretation

Our collective digital identity is being auctioned off piecemeal in an endless yard sale, yet we still act surprised when the items on the shelf keep changing hands.

Emerging Threats and Trends

Global DDoS attacks surged 118% to 9.5 million in 2023 per Cloudflare.
Cyber attacks on IoT devices up 107% in 2023 per SonicWall.
AI-powered cyber attacks increased 50% in 2023 per Darktrace.
Deepfake incidents rose 550% in 2023 per Sumsub.
Supply chain attacks up 42% in 2023 per ENISA.
Zero-day exploits used in 25% of attacks per Google TAG.
Cryptocurrency thefts totaled $3.7 billion in 2023 per Chainalysis.
Nation-state attacks doubled to 40 per Mandiant M-Trends 2024.
Mobile malware samples hit 12.7 million in 2023 per Kaspersky.
OT/ICS attacks up 50% in 2023 per Dragos.
Cloud misconfigurations caused 20% of breaches per Palo Alto.
Generative AI misuse in attacks up 300% per CrowdStrike.
75% of orgs expect AI to change cyber threats per Gartner.
Infostealer malware infections 300 million in 2023 per SpyCloud.
Quantum computing threats to encryption by 2030 per NIST.
5G networks saw 15% attack increase per GSMA.
Ransomware-as-a-Service groups grew to 150 in 2023 per SOCRadar.
Insider threats up 44% in 2023 per Gartner.
Cyber espionage campaigns 30% rise per Microsoft.
Edge computing attacks projected 2x by 2025 per IDC.

Emerging Threats and Trends Interpretation

While the cyber attackers are busy doubling down on everything from DDoS to deepfakes and recruiting insiders for their heists, the rest of us are left frantically updating our passwords and hoping AI doesn't figure out how to change the channel on our smart fridges.

Financial Losses

In 2023, the FBI's Internet Crime Complaint Center (IC3) received 880,418 complaints of cyber crime with total reported losses exceeding $12.5 billion USD.
Business Email Compromise (BEC) scams caused $2.9 billion in losses in 2023 according to the FBI IC3 report.
Investment fraud complaints rose to 69,000 in 2023 with losses of $4.57 billion as per FBI IC3 data.
Cryptocurrency investment scams led to $4.57 billion in losses from 69,000 complaints in 2023 per FBI.
Elder fraud complaints totaled 101,066 in 2023 with $3.4 billion losses reported to IC3.
Global cybercrime costs are projected to reach $10.5 trillion annually by 2025 according to Cybersecurity Ventures.
Ransomware damage costs are expected to hit $265 billion annually by 2031 per Cybersecurity Ventures.
Average cost of a data breach in 2023 was $4.45 million according to IBM Cost of a Data Breach Report.
Phishing attacks cost businesses an average of $4.91 million per incident in 2023 per Proofpoint.
BEC attacks resulted in $43 billion global losses from 2016 to 2021 per FBI estimates.
Tech support scams caused $862 million in losses in 2022 per FBI IC3.
Romance scams led to $1.3 billion in losses from 70,000+ complaints in 2022 FBI data.
Global cyber fraud losses reached $6 trillion in 2021 per Nilson Report.
Average ransomware payment in 2023 was $1.54 million per Coveware report.
U.S. businesses lost $5.1 billion to cybercrime in 2022 per Statista.
Online shopping fraud losses hit $48 billion globally in 2023 per Juniper Research.
Wire transfer fraud caused $1.8 billion losses in 2023 FBI IC3.
Credit card fraud losses worldwide were $33 billion in 2022 per Nilson.
Corporate account takeover losses averaged $140,000 per incident per FBI.
Global cost of cybercrime expected to be $8 trillion in 2023 per Cybersecurity Ventures.
Smishing attacks cost $1.5 million average per organization in 2023 per Proofpoint.
Check fraud losses reached $20 billion in 2023 per ABA.
Insurance claims for cyber incidents cost $2.5 billion in 2022 per Munich Re.
Dark web data sales generated $1.5 billion revenue in 2023 per Recorded Future.
Vishing scams led to $300 million losses in 2023 per FTC.
Global ATM jackpotting fraud losses $50 million in 2022 per ATMIA.
Payroll diversion fraud cost $250 million in 2023 per FBI.
Cryptojacking revenue reached $2 billion in 2023 per Chainalysis.
Merchant POS fraud losses $10 billion annually per LexisNexis.
Average BEC loss per victim $120,000 in 2023 per FBI IC3.

Financial Losses Interpretation

It’s a staggering and expensive truth that in our digital age, we have collectively built a multi-trillion-dollar economy that primarily benefits scammers, fraudsters, and extortionists.

Phishing Attacks

Phishing emails rose 58% to 3.4 billion in 2023 per APWG.
300,000 phishing sites detected daily in 2023 per APWG.
Smishing attacks up 47% in 2023 to 1.6 million per Zimperium.
84% of orgs faced phishing in 2023 per Proofpoint.
BEC phishing caused 21,439 complaints with $2.9B losses in 2023 FBI.
Vishing incidents up 168% in 2023 per Group-IB.
90% of data breaches start with phishing per Verizon DBIR 2024.
Microsoft detected 2.3 billion phishing attempts daily in 2023 per DART.
Spear-phishing success rate 71% vs 5% generic per Proofpoint.
QR code phishing (quishing) up 51% in 2023 per KnowBe4.
1 in 5 users click phishing links per Google.
Malicious SMS messages hit 12 billion in 2023 per GlobalSign.
36% of BEC attacks via phone per FBI 2023.
Phishing kits sold on dark web for $50 average per Recorded Future.
4.7 million phishing-related complaints to IC3 in 2023 per FBI.
Evilginx2 phishing framework used in 40% attacks per Netcraft.
Brand impersonation in phishing up 59% in 2023 per Proofpoint.
98% of attacks rely on phishing per Egress.
Average phishing email click time 1 minute per KnowBe4.
79% of orgs hit by credential phishing in 2023 per Verizon.
WhatsApp phishing scams up 280% in 2023 per Kaspersky.
1.2 billion login credentials exposed via phishing in 2023 per SpyCloud.
AI-generated phishing emails up 1,265% in 2023 per SlashNext.

Phishing Attacks Interpretation

If humanity's collective inbox were a casino, phishing would be the alarmingly effective con game where nearly everyone loses, the house always wins, and the dealers just got a massive AI-powered upgrade.

Ransomware Incidents

Ransomware groups claimed 2,000 victims in 2023 per SOCRadar.
LockBit claimed 2,539 victims in 2023 per Group-IB.
Conti ransomware disbanded after infecting 1,773 organizations per Elliptic.
Cl0p exploited MOVEit vulnerability affecting 1,000+ orgs in 2023 per CISA.
ALPHV/BlackCat extorted $300 million before FBI disruption in 2024 per DOJ.
Akira ransomware hit 123 victims in Q1 2024 per Emsisoft.
LockBit 3.0 used in 62% of ransomware attacks in 2023 per Sophos.
Medusa ransomware emerged in 2023 claiming 60+ high-profile victims per Cyble.
Rhysida hit 100+ orgs including hospitals in 2023 per CISA.
Hive ransomware disrupted by FBI affecting 1,500+ victims per DOJ.
REvil shut down after 400+ attacks costing $200 million per Chainalysis.
DarkSide Colonial Pipeline attack 2021 led to $4.4 million ransom payment per DOJ.
JBS meatpacking 2021 paid $11 million ransom after attack per company.
Ireland HSE health service 2021 Conti attack disrupted services for weeks per HIQA.
Costa Rica government 2022 Conti siege led to state of emergency per Reuters.
Change Healthcare 2024 ALPHV attack disrupted US prescriptions per HHS.
French hospital 2021 Ryuk attack caused patient death per Le Monde.
Universal Health Services 2020 Ryuk hit 400 facilities per company.
Ascension 2024 ransomware disrupted 140 hospitals per Becker's.
CDK Global 2024 attack crippled 15,000 car dealers per Reuters.
236.1 million ransomware attacks in 2022 per Check Point.
Q3 2023 saw 140 new ransomware groups per Cyble.
66% of orgs hit by ransomware in 2023 paid per Sophos.

Ransomware Incidents Interpretation

Behind the eye-popping victim tallies and staggering ransom payouts lies a grim reality: ransomware isn't just a digital shakedown but a systemic siege that is increasingly holding the physical world—from hospitals to hamburgers—hostage.

Sources & References

Logos provided by Logo.dev