GITNUXREPORT 2026

Cybersecurity Breach Statistics

Recent record-breaking global cyberattacks highlight escalating threats across all sectors.

Written by Sophie Moreland·Fact-checked by Rebecca Hargrove

Published Feb 13, 2026·Last verified Feb 13, 2026·Next review: Aug 2026

How We Build This Report

Primary Source Collection

Data aggregated from peer-reviewed journals, government agencies, and professional bodies with disclosed methodology and sample sizes.

Editorial Curation

Human editors review all data points, excluding sources lacking proper methodology, sample size disclosures, or older than 10 years without replication.

AI-Powered Verification

Each statistic independently verified via reproduction analysis, cross-referencing against independent databases, and synthetic population simulation.

Human Cross-Check

Final human editorial review of all AI-verified statistics. Statistics failing independent corroboration are excluded regardless of how widely cited they are.

Statistics that could not be independently verified are excluded regardless of how widely cited they are elsewhere.

Our process →

Statistic 1

Phishing avg cost $4.91 million per incident IBM 2023

Statistic 2

Ransomware responsible for 23% of breaches Verizon 2024

Statistic 3

Stolen credentials 49% of breaches web apps Verizon

Statistic 4

Supply chain compromise 15% incidents Verizon DBIR

Statistic 5

Vulnerability exploitation 29% of breaches 2023

Statistic 6

DDoS attacks up 200% in 2023 Cloudflare

Statistic 7

Malware involved in 83% ransomware Sophos 2023

Statistic 8

Phishing emails 300% rise in 2023 Proofpoint

Statistic 9

BEC scams $2.9 billion losses FBI 2023

Statistic 10

Zero-day exploits 25% of intrusions Mandiant 2024

Statistic 11

Insider threats 19% of breaches Verizon

Statistic 12

SQL injection 8% web app breaches OWASP

Statistic 13

Man-in-the-middle 5% incidents IBM

Statistic 14

IoT attacks doubled to 2,200/day 2023 Kaspersky

Statistic 15

Cloud misconfig 19% breaches Palo Alto 2023

Statistic 16

API vulnerabilities exploited in 12% breaches Salt 2023

Statistic 17

Social engineering 74% initial access Verizon

Statistic 18

Remote services 62% breach vector COVID era

Statistic 19

Cryptojacking 65% rise Check Point 2023

Statistic 20

Fileless malware 77% detections CrowdStrike

Statistic 21

In 2023, global cybersecurity breaches affected over 3.5 billion personal records according to the Identity Theft Resource Center

Statistic 22

The Verizon 2024 DBIR reported 5,199 confirmed data breaches analyzed, with a 17% increase from 2022

Statistic 23

Ponemon Institute found 83% of organizations experienced more than one breach in 2023

Statistic 24

In the US, there were 3,205 data breaches reported in 2023 per HHS

Statistic 25

ENISA Threat Landscape 2023 noted 1,200+ significant incidents in EU

Statistic 26

CrowdStrike 2024 Global Threat Report identified 1.6 million adversary actions

Statistic 27

IBM reported average time to identify a breach at 204 days in 2023

Statistic 28

UpGuard listed 4,084 breaches in 2023 exposing 3.8 billion records

Statistic 29

Statista recorded 2,839 US breaches in H1 2023

Statistic 30

CISA reported 1,200+ cyber incidents in US federal agencies in 2023

Statistic 31

Microsoft Digital Defense Report 2023 logged 300 million daily threats

Statistic 32

Sophos State of Ransomware 2023 surveyed 2,843 attacks on orgs

Statistic 33

Mandiant M-Trends 2024 median dwell time 16 days for breaches

Statistic 34

Proofpoint 2023 report 84% orgs hit by phishing leading to breach

Statistic 35

Rapid7 2023 report 1,199 vulnerabilities exploited in breaches

Statistic 36

Okta 2023 report 6,515 security incidents across customers

Statistic 37

Cisco Annual Cybersecurity Report 2023 99.4% emails malicious

Statistic 38

Zscaler 2023 15 billion daily threats mitigated

Statistic 39

FireEye/Mandiant 2023 1,803 intrusions analyzed

Statistic 40

Recorded Future 2023 500+ state-sponsored breaches

Statistic 41

Darktrace 2023 detected 1 million novel threats daily

Statistic 42

KnowBe4 2023 90% breaches from phishing

Statistic 43

Kaspersky 2023 419 million unique threats detected

Statistic 44

Trend Micro 2023 79 billion threats stopped

Statistic 45

McAfee 2023 1.5 million attacks daily on endpoints

Statistic 46

Symantec 2023 400 million identities compromised yearly

Statistic 47

Norton 2023 11% rise in breaches affecting consumers

Statistic 48

Aura 2023 2,600 daily breaches worldwide

Statistic 49

Surfshark 2023 140 daily breaches per minute globally

Statistic 50

MOVEit breach in 2023 exposed 62 million records across 2,000 orgs

Statistic 51

Change Healthcare breach 2024 impacted 1/3 of Americans, 100 million records

Statistic 52

Equifax 2017 breach exposed 147 million SSNs and PII

Statistic 53

Yahoo 2013-2014 breaches totaled 3 billion accounts

Statistic 54

Marriott 2018-2020 breach 500 million guest records

Statistic 55

Capital One 2019 breach 100 million customer applications

Statistic 56

SolarWinds 2020 supply chain breach affected 18,000 orgs

Statistic 57

Colonial Pipeline 2021 ransomware exposed operational data

Statistic 58

Optus 2022 breach 10 million customer records

Statistic 59

Uber 2022 breach 77 million users' PII and passwords

Statistic 60

Twilio 2022 breach 163,000 customers SMS logs

Statistic 61

LastPass 2022 breach 30 million users vault data

Statistic 62

Snowflake 2024 breach 165 orgs, millions of records via stolen creds

Statistic 63

AT&T 2024 breach 73 million current/former customers PII

Statistic 64

National Public Data 2024 breach 2.9 billion records

Statistic 65

Oracle 2022-2023 6.3 million records from healthcare clients

Statistic 66

Saks Fifth Avenue 2024 4 million credit cards

Statistic 67

Hughes Network 2022 357k employee records

Statistic 68

T-Mobile 2023 37 million customer records

Statistic 69

23andMe 2023 6.9 million DNA profiles

Statistic 70

MGM Resorts 2023 10.3 million guest records

Statistic 71

Caesars Entertainment 2023 10 million loyalty program records

Statistic 72

Clorox 2023 supply chain data exposure

Statistic 73

Microsoft Exchange 2021 Hafnium breach 250k servers

Statistic 74

Log4Shell exploited in 2021 affecting millions of apps

Statistic 75

IBM 2023 Cost of Data Breach avg $4.88 million globally

Statistic 76

Ponemon/IBM 2023 US avg breach cost $9.44 million

Statistic 77

Verizon DBIR 2024 stolen creds avg cost $150k per breach

Statistic 78

Ponemon ransomware avg $4.54 million downtime cost 2023

Statistic 79

Accenture 2023 avg global breach $5.13 million

Statistic 80

Statista 2023 healthcare breach avg $10.93 million

Statistic 81

Deloitte 2023 financial services avg $5.9 million per breach

Statistic 82

EY 2023 avg ransomware payment $1.54 million

Statistic 83

Chainalysis 2024 crypto theft $3.8 billion from breaches

Statistic 84

Coveware 2023 avg ransom $1.2 million paid

Statistic 85

Sophos 2023 ransomware recovery avg $1.82 million

Statistic 86

Emsisoft 2023 US ransomware losses $1.1 billion

Statistic 87

Cybereason 2023 avg downtime 23 days costing $8.9 million

Statistic 88

NetDiligence 2023 cyber insurance claims $1.4 billion

Statistic 89

Woodruff Sawyer 2023 avg claim $4.5 million

Statistic 90

Risk Management Society 2023 breach notification $250k avg

Statistic 91

PwC 2023 global cyber spend $188 billion annually

Statistic 92

Gartner 2023 worldwide security spending $188.3 billion

Statistic 93

McKinsey 2023 cyber risk insurance premiums up 50%

Statistic 94

Boston Consulting Group 2023 avg breach $5.72 million APAC

Statistic 95

KPMG 2023 UK avg breach £10.4 million

Statistic 96

Orange Cyberdefense 2023 EU avg €4.5 million

Statistic 97

Healthcare 20% of breaches IBM 2023 costliest

Statistic 98

Financial services 15% incidents Verizon 2024

Statistic 99

Retail 11% breaches high PII exposure

Statistic 100

Government 10% targeted by nation-states Mandiant

Statistic 101

Manufacturing 24% ransomware Sophos 2023

Statistic 102

Education 9% breaches avg $4.41M IBM

Statistic 103

Energy 7% critical infra attacks CISA

Statistic 104

Tech 18% supply chain breaches Verizon

Statistic 105

Healthcare 54 days median detection IBM

Statistic 106

Finance fastest response 28 days IBM 2023

Statistic 107

Retail 71% cloud breaches Palo Alto

Statistic 108

Pharma 13% data theft Mandiant

Statistic 109

Telecom 8% SIM swap attacks FTC

Statistic 110

Hospitality 6% POS breaches Verizon

Statistic 111

Transportation 5% ransomware Emsisoft

Statistic 112

Professional services 12% IBM avg $5.08M

Statistic 113

Entertainment gaming 4% DDoS Cloudflare

Statistic 114

Non-profits 3% underreported breaches

Statistic 115

Construction 7% rising OT attacks Dragos

1/115

Sources

Trusted by 500+ publications

+497

With staggering statistics revealing that over 3.5 billion personal records were compromised globally in 2023 alone, it’s clear that cybersecurity breaches have escalated from an occasional headline to a relentless, daily crisis impacting every sector and individual.

Key Takeaways

In 2023, global cybersecurity breaches affected over 3.5 billion personal records according to the Identity Theft Resource Center
The Verizon 2024 DBIR reported 5,199 confirmed data breaches analyzed, with a 17% increase from 2022
Ponemon Institute found 83% of organizations experienced more than one breach in 2023
MOVEit breach in 2023 exposed 62 million records across 2,000 orgs
Change Healthcare breach 2024 impacted 1/3 of Americans, 100 million records
Equifax 2017 breach exposed 147 million SSNs and PII
IBM 2023 Cost of Data Breach avg $4.88 million globally
Ponemon/IBM 2023 US avg breach cost $9.44 million
Verizon DBIR 2024 stolen creds avg cost $150k per breach
Phishing avg cost $4.91 million per incident IBM 2023
Ransomware responsible for 23% of breaches Verizon 2024
Stolen credentials 49% of breaches web apps Verizon
Healthcare 20% of breaches IBM 2023 costliest
Financial services 15% incidents Verizon 2024
Retail 11% breaches high PII exposure

Recent record-breaking global cyberattacks highlight escalating threats across all sectors.

Attack Methods

1Phishing avg cost $4.91 million per incident IBM 2023

Verified

2Ransomware responsible for 23% of breaches Verizon 2024

Verified

3Stolen credentials 49% of breaches web apps Verizon

Verified

4Supply chain compromise 15% incidents Verizon DBIR

Directional

5Vulnerability exploitation 29% of breaches 2023

Single source

6DDoS attacks up 200% in 2023 Cloudflare

Verified

7Malware involved in 83% ransomware Sophos 2023

Verified

8Phishing emails 300% rise in 2023 Proofpoint

Verified

9BEC scams $2.9 billion losses FBI 2023

Directional

10Zero-day exploits 25% of intrusions Mandiant 2024

Single source

11Insider threats 19% of breaches Verizon

Verified

12SQL injection 8% web app breaches OWASP

Verified

13Man-in-the-middle 5% incidents IBM

Verified

14IoT attacks doubled to 2,200/day 2023 Kaspersky

Directional

15Cloud misconfig 19% breaches Palo Alto 2023

Single source

16API vulnerabilities exploited in 12% breaches Salt 2023

Verified

17Social engineering 74% initial access Verizon

Verified

18Remote services 62% breach vector COVID era

Verified

19Cryptojacking 65% rise Check Point 2023

Directional

20Fileless malware 77% detections CrowdStrike

Single source

Attack Methods Interpretation

If we distilled the current cyber threat landscape into a cocktail, it would be a depressingly expensive one mixed from a splash of human gullibility, a double-shot of unpatched vulnerabilities, a bitter rim of stolen credentials, and garnished with a ransomware olive that you’re somehow expected to pay for.

Breach Incidents

1In 2023, global cybersecurity breaches affected over 3.5 billion personal records according to the Identity Theft Resource Center

Verified

2The Verizon 2024 DBIR reported 5,199 confirmed data breaches analyzed, with a 17% increase from 2022

Verified

3Ponemon Institute found 83% of organizations experienced more than one breach in 2023

Verified

4In the US, there were 3,205 data breaches reported in 2023 per HHS

Directional

5ENISA Threat Landscape 2023 noted 1,200+ significant incidents in EU

Single source

6CrowdStrike 2024 Global Threat Report identified 1.6 million adversary actions

Verified

7IBM reported average time to identify a breach at 204 days in 2023

Verified

8UpGuard listed 4,084 breaches in 2023 exposing 3.8 billion records

Verified

9Statista recorded 2,839 US breaches in H1 2023

Directional

10CISA reported 1,200+ cyber incidents in US federal agencies in 2023

Single source

11Microsoft Digital Defense Report 2023 logged 300 million daily threats

Verified

12Sophos State of Ransomware 2023 surveyed 2,843 attacks on orgs

Verified

13Mandiant M-Trends 2024 median dwell time 16 days for breaches

Verified

14Proofpoint 2023 report 84% orgs hit by phishing leading to breach

Directional

15Rapid7 2023 report 1,199 vulnerabilities exploited in breaches

Single source

16Okta 2023 report 6,515 security incidents across customers

Verified

17Cisco Annual Cybersecurity Report 2023 99.4% emails malicious

Verified

18Zscaler 2023 15 billion daily threats mitigated

Verified

19FireEye/Mandiant 2023 1,803 intrusions analyzed

Directional

20Recorded Future 2023 500+ state-sponsored breaches

Single source

21Darktrace 2023 detected 1 million novel threats daily

Verified

22KnowBe4 2023 90% breaches from phishing

Verified

23Kaspersky 2023 419 million unique threats detected

Verified

24Trend Micro 2023 79 billion threats stopped

Directional

25McAfee 2023 1.5 million attacks daily on endpoints

Single source

26Symantec 2023 400 million identities compromised yearly

Verified

27Norton 2023 11% rise in breaches affecting consumers

Verified

28Aura 2023 2,600 daily breaches worldwide

Verified

29Surfshark 2023 140 daily breaches per minute globally

Directional

Breach Incidents Interpretation

Despite the industry's collective noise about artificial intelligence, the only thing multiplying faster than threats is the number of reports telling us we're already drowning in them.

Data Compromised

1MOVEit breach in 2023 exposed 62 million records across 2,000 orgs

Verified

2Change Healthcare breach 2024 impacted 1/3 of Americans, 100 million records

Verified

3Equifax 2017 breach exposed 147 million SSNs and PII

Verified

4Yahoo 2013-2014 breaches totaled 3 billion accounts

Directional

5Marriott 2018-2020 breach 500 million guest records

Single source

6Capital One 2019 breach 100 million customer applications

Verified

7SolarWinds 2020 supply chain breach affected 18,000 orgs

Verified

8Colonial Pipeline 2021 ransomware exposed operational data

Verified

9Optus 2022 breach 10 million customer records

Directional

10Uber 2022 breach 77 million users' PII and passwords

Single source

11Twilio 2022 breach 163,000 customers SMS logs

Verified

12LastPass 2022 breach 30 million users vault data

Verified

13Snowflake 2024 breach 165 orgs, millions of records via stolen creds

Verified

14AT&T 2024 breach 73 million current/former customers PII

Directional

15National Public Data 2024 breach 2.9 billion records

Single source

16Oracle 2022-2023 6.3 million records from healthcare clients

Verified

17Saks Fifth Avenue 2024 4 million credit cards

Verified

18Hughes Network 2022 357k employee records

Verified

19T-Mobile 2023 37 million customer records

Directional

2023andMe 2023 6.9 million DNA profiles

Single source

21MGM Resorts 2023 10.3 million guest records

Verified

22Caesars Entertainment 2023 10 million loyalty program records

Verified

23Clorox 2023 supply chain data exposure

Verified

24Microsoft Exchange 2021 Hafnium breach 250k servers

Directional

25Log4Shell exploited in 2021 affecting millions of apps

Single source

Data Compromised Interpretation

If this litany of digital carnage teaches us anything, it's that the modern world has perfected the art of creating incredibly valuable data and then scattering it like confetti at a parade for criminals.

Financial Losses

1IBM 2023 Cost of Data Breach avg $4.88 million globally

Verified

2Ponemon/IBM 2023 US avg breach cost $9.44 million

Verified

3Verizon DBIR 2024 stolen creds avg cost $150k per breach

Verified

4Ponemon ransomware avg $4.54 million downtime cost 2023

Directional

5Accenture 2023 avg global breach $5.13 million

Single source

6Statista 2023 healthcare breach avg $10.93 million

Verified

7Deloitte 2023 financial services avg $5.9 million per breach

Verified

8EY 2023 avg ransomware payment $1.54 million

Verified

9Chainalysis 2024 crypto theft $3.8 billion from breaches

Directional

10Coveware 2023 avg ransom $1.2 million paid

Single source

11Sophos 2023 ransomware recovery avg $1.82 million

Verified

12Emsisoft 2023 US ransomware losses $1.1 billion

Verified

13Cybereason 2023 avg downtime 23 days costing $8.9 million

Verified

14NetDiligence 2023 cyber insurance claims $1.4 billion

Directional

15Woodruff Sawyer 2023 avg claim $4.5 million

Single source

16Risk Management Society 2023 breach notification $250k avg

Verified

17PwC 2023 global cyber spend $188 billion annually

Verified

18Gartner 2023 worldwide security spending $188.3 billion

Verified

19McKinsey 2023 cyber risk insurance premiums up 50%

Directional

20Boston Consulting Group 2023 avg breach $5.72 million APAC

Single source

21KPMG 2023 UK avg breach £10.4 million

Verified

22Orange Cyberdefense 2023 EU avg €4.5 million

Verified

Financial Losses Interpretation

If we add up all the expensive lessons from these breach reports, it appears the global economy is funding a lavish, involuntary and highly exclusive subscription service for cybercriminals, with healthcare currently on the most expensive premium plan.

Industry Impacts

1Healthcare 20% of breaches IBM 2023 costliest

Verified

2Financial services 15% incidents Verizon 2024

Verified

3Retail 11% breaches high PII exposure

Verified

4Government 10% targeted by nation-states Mandiant

Directional

5Manufacturing 24% ransomware Sophos 2023

Single source

6Education 9% breaches avg $4.41M IBM

Verified

7Energy 7% critical infra attacks CISA

Verified

8Tech 18% supply chain breaches Verizon

Verified

9Healthcare 54 days median detection IBM

Directional

10Finance fastest response 28 days IBM 2023

Single source

11Retail 71% cloud breaches Palo Alto

Verified

12Pharma 13% data theft Mandiant

Verified

13Telecom 8% SIM swap attacks FTC

Verified

14Hospitality 6% POS breaches Verizon

Directional

15Transportation 5% ransomware Emsisoft

Single source

16Professional services 12% IBM avg $5.08M

Verified

17Entertainment gaming 4% DDoS Cloudflare

Verified

18Non-profits 3% underreported breaches

Verified

19Construction 7% rising OT attacks Dragos

Directional

Industry Impacts Interpretation

While healthcare bears the costly honor of being hackers' favorite punching bag, every sector from finance to factories is engaged in a grim, expensive race between who can patch their digital leaks faster and who can siphon off data and dollars quicker.