GITNUXREPORT 2026

Data Theft Statistics

Data theft costs are soaring globally, reaching millions per incident across all industries.

Alexander Schmidt

Research Analyst specializing in technology and digital transformation trends.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Statistic 1

Personal identifiable information (PII) was the most stolen data type at 45% of breaches

Statistic 2

Credentials stolen in 49% of web application breaches in 2023

Statistic 3

Financial data involved in 11% of breaches per Verizon DBIR 2024

Statistic 4

Protected health information (PHI) compromised in 20% healthcare incidents

Statistic 5

Payment card data stolen in 5% of all breaches but 24% retail

Statistic 6

Customer PII most targeted at 82% of breaches

Statistic 7

Intellectual property stolen in 12% of incidents 2023

Statistic 8

Medical records exposed in 47% of healthcare breaches 2023

Statistic 9

SSNs stolen in 15% of US identity theft cases 2023

Statistic 10

Email addresses leaked in 90% of large breaches

Statistic 11

Passwords compromised in 24% of incidents via keylogging

Statistic 12

Biometric data stolen in under 1% but rising in 2023

Statistic 13

Trade secrets exfiltrated in 23% espionage incidents

Statistic 14

Bank details in 8% of dark web listings 2023

Statistic 15

Fullz (complete identity kits) 35% of stolen data sales

Statistic 16

Corporate databases 40% of exfiltrated data volume

Statistic 17

IoT device credentials in 7% of breaches 2023

Statistic 18

Location data sold from 70% of mobile breaches

Statistic 19

Source code repositories hacked for IP in 18% dev breaches

Statistic 20

In 2023, the global average cost of a data breach reached $4.45 million, marking an 15% increase over five years

Statistic 21

US organizations faced the highest average data breach cost at $9.44 million in 2023

Statistic 22

Healthcare industry breaches cost an average of $10.93 million in 2023, the highest among sectors

Statistic 23

Phishing attacks contributed to 16% of breaches with an average cost of $4.88 million

Statistic 24

Lost business was the largest cost component at 36% or $1.6 million per breach in 2023

Statistic 25

Detection and escalation costs averaged $1.48 million per breach globally in 2023

Statistic 26

Post-breach response costs hit $1.39 million on average in 2023

Statistic 27

Notification costs per breach averaged $0.31 million in the US in 2023

Statistic 28

Organizations with high ransomware visibility saved $2.73 million per incident in 2023

Statistic 29

AI and automation reduced breach costs by an average of $1.76 million in 2023

Statistic 30

Zero trust approach saved $1.13 million per breach compared to others in 2023

Statistic 31

Incident response teams with high maturity saved $2.05 million per breach

Statistic 32

Cloud breaches cost $4.95 million on average versus $4.95 million hybrid in 2023

Statistic 33

Stolen credentials were involved in 19% of breaches costing $4.88 million avg

Statistic 34

Supply chain attacks cost $5.12 million on average in 2023

Statistic 35

The total global cost of cybercrime is projected to reach $10.5 trillion annually by 2025

Statistic 36

Data breaches cost businesses $4.35 million on average in 2022 per Ponemon

Statistic 37

Identity theft resulted in $5.8 billion in losses in 2022 per FTC

Statistic 38

Ransomware payments averaged $1.54 million per incident in 2023

Statistic 39

Dark web data sales generated $1.3 billion in 2022

Statistic 40

Credit card data theft cost $28.3 billion globally in 2022

Statistic 41

Business email compromise scams led to $2.9 billion losses in 2022

Statistic 42

Healthcare data breaches cost $9.77 million avg in 2022

Statistic 43

Retail sector breach costs averaged $3.32 million in 2023

Statistic 44

Finance sector averaged $5.96 million per breach in 2023

Statistic 45

Energy sector breaches cost $5.47 million avg in 2023

Statistic 46

Public sector averaged $3.20 million per breach cost in 2023

Statistic 47

Manufacturing sector $5.01 million avg breach cost 2023

Statistic 48

Healthcare was the most affected industry with 20% of breaches in 2023

Statistic 49

Financial services saw 14% of all breaches in 2023 Verizon

Statistic 50

Retail hit by 10% of incidents but higher costs

Statistic 51

Public administration 12% of breaches in 2023

Statistic 52

Manufacturing compromised in 13% of cases 2023

Statistic 53

Education sector 9% of breaches per Verizon 2024

Statistic 54

Energy/utilities 7% of incidents but high impact

Statistic 55

Transportation 5% of breaches in 2023

Statistic 56

25% of healthcare breaches involved ransomware 2023

Statistic 57

Finance phishing attacks in 22% of sector breaches

Statistic 58

Retail POS systems targeted in 30% incidents

Statistic 59

Government espionage 40% of public sector attacks

Statistic 60

Tech sector supply chain 25% of breaches 2023

Statistic 61

Pharma IP theft 60% from China per FBI

Statistic 62

Hospitality breaches up 28% post-pandemic

Statistic 63

Communications 8% of Verizon breaches 2023

Statistic 64

Consumer services 6% incidents high volume data

Statistic 65

There were 8,235 data breaches reported in the US in 2023

Statistic 66

Globally, data breaches increased by 20% from 2022 to 2023

Statistic 67

83% of organizations experienced more than one breach in 2023

Statistic 68

Phishing was involved in 36% of breaches in 2023 per Verizon DBIR

Statistic 69

74% of breaches involved a human element in 2023

Statistic 70

Ransomware incidents rose 37% year-over-year in 2023

Statistic 71

2,365 ransomware attacks confirmed in H1 2023

Statistic 72

Data breaches occurred every 39 seconds globally in 2023

Statistic 73

US had 3,205 breaches in 2023 per ITRC

Statistic 74

India reported 1.3 million cyber incidents in 2022-23

Statistic 75

UK saw 1,234 data breaches notified in 2023

Statistic 76

Australia had 1,299 cyber incidents reported in 2023

Statistic 77

16 billion records exposed in breaches in 2023

Statistic 78

98% of organizations experienced a cyber incident in past 2 years

Statistic 79

Supply chain compromises featured in 15% of breaches 2023

Statistic 80

Vulnerability exploitation in 29% of web app breaches 2023

Statistic 81

Use of stolen credentials in 49% of web app breaches

Statistic 82

Brute force attacks in 14% of incidents per Verizon 2023

Statistic 83

5,199 US data breaches exposed 953 million records in 2022

Statistic 84

Equifax breach in 2017 affected 147 million people

Statistic 85

95% of breaches contained within 200 days in 2023

Statistic 86

MFA blocked 99% of account compromise attempts 2023

Statistic 87

AI-driven security reduced breach lifecycle by 28 days

Statistic 88

Encrypted data harder to exploit, used in 50% incidents no loss

Statistic 89

Incident response testing cut costs by $2.66 million avg

Statistic 90

SIEM and XDR reduced MTTD by 37 days 2023

Statistic 91

52% of breaches due to exploited vulnerabilities

Statistic 92

Employee training reduced phishing success by 70%

Statistic 93

Zero trust adoption grew 26% in breached orgs

Statistic 94

Cloud security posture mgmt saved $1.49 million

Statistic 95

Breach notification avg 47 days post-discovery 2023

Statistic 96

Ransomware decryption success 0% without backup

Statistic 97

Dark web monitoring detected 60% early threats

Statistic 98

Patch management prevented 32% vuln exploits

Statistic 99

Privilege access mgmt cut lateral movement 50%

Statistic 100

GenAI in attacks rose to 8% of phishing 2024

Statistic 101

Quantum threats to encryption in 10 years per NIST

Statistic 102

Supply chain risk mgmt adopted by 71% post-SolarWinds

Statistic 103

Average time to identify breach 204 days in 2023

Statistic 104

Time to contain breach avg 73 days globally 2023

Statistic 105

Customer churn post-breach averaged 12.4% in 2023

Statistic 106

422 million records stolen in 30 major breaches in 2023 Q1-Q3

Statistic 107

Yahoo's 2013-2014 breaches impacted 3 billion accounts

Statistic 108

Marriott breach 2018-2020 exposed 383 million guests

Statistic 109

LinkedIn 2021 scrape affected 700 million users

Statistic 110

Facebook Cambridge Analytica impacted 87 million users

Statistic 111

Capital One 2019 breach hit 106 million customers

Statistic 112

T-Mobile 2021 breach exposed 54 million customers

Statistic 113

Optus Australia 2022 breach affected 10 million customers

Statistic 114

MOVEit breaches in 2023 impacted 62 million individuals

Statistic 115

Change Healthcare 2024 ransomware hit 1/3 of Americans

Statistic 116

353 million records exposed in 2023 US healthcare breaches

Statistic 117

110 million records in 521 financial breaches 2023 US

Statistic 118

2.6 billion records from 1,900 retail breaches since 2005

Statistic 119

1.5 billion personal records stolen in first half 2024

Statistic 120

Snowflake breaches 2024 affected 165 organizations, millions records

Statistic 121

National Public Data breach 2024 exposed 2.9 billion records

Statistic 122

17 million French citizens' data stolen in 2024 DC Health

Statistic 123

208 million UK voter records leaked 2024

Statistic 124

1.2 billion Indian Aadhaar numbers exposed 2018

Statistic 125

500 million LinkedIn profiles scraped 2021

1/125

Sources

Trusted by 500+ publications

+497

While the stunning statistic that every stolen record now costs businesses an average of $4.45 million might make your eyes water, the deeper story lies in how these breaches unfold and what truly makes some organizations more vulnerable than others.

Key Takeaways

In 2023, the global average cost of a data breach reached $4.45 million, marking an 15% increase over five years
US organizations faced the highest average data breach cost at $9.44 million in 2023
Healthcare industry breaches cost an average of $10.93 million in 2023, the highest among sectors
There were 8,235 data breaches reported in the US in 2023
Globally, data breaches increased by 20% from 2022 to 2023
83% of organizations experienced more than one breach in 2023
422 million records stolen in 30 major breaches in 2023 Q1-Q3
Yahoo's 2013-2014 breaches impacted 3 billion accounts
Marriott breach 2018-2020 exposed 383 million guests
Personal identifiable information (PII) was the most stolen data type at 45% of breaches
Credentials stolen in 49% of web application breaches in 2023
Financial data involved in 11% of breaches per Verizon DBIR 2024
Healthcare was the most affected industry with 20% of breaches in 2023
Financial services saw 14% of all breaches in 2023 Verizon
Retail hit by 10% of incidents but higher costs

Data theft costs are soaring globally, reaching millions per incident across all industries.

Data Types

Personal identifiable information (PII) was the most stolen data type at 45% of breaches
Credentials stolen in 49% of web application breaches in 2023
Financial data involved in 11% of breaches per Verizon DBIR 2024
Protected health information (PHI) compromised in 20% healthcare incidents
Payment card data stolen in 5% of all breaches but 24% retail
Customer PII most targeted at 82% of breaches
Intellectual property stolen in 12% of incidents 2023
Medical records exposed in 47% of healthcare breaches 2023
SSNs stolen in 15% of US identity theft cases 2023
Email addresses leaked in 90% of large breaches
Passwords compromised in 24% of incidents via keylogging
Biometric data stolen in under 1% but rising in 2023
Trade secrets exfiltrated in 23% espionage incidents
Bank details in 8% of dark web listings 2023
Fullz (complete identity kits) 35% of stolen data sales
Corporate databases 40% of exfiltrated data volume
IoT device credentials in 7% of breaches 2023
Location data sold from 70% of mobile breaches
Source code repositories hacked for IP in 18% dev breaches

Data Types Interpretation

If you're a modern criminal, your shopping list is oddly human: you're mostly just buying and selling people's identities, from their email addresses (90% of the time) and passwords to their very selves (with 'fullz' identity kits making up 35% of sales), because while stealing a company's secret sauce (23% of espionage) is valuable, there's no easier money than simply becoming someone else.

Financial Impact

In 2023, the global average cost of a data breach reached $4.45 million, marking an 15% increase over five years
US organizations faced the highest average data breach cost at $9.44 million in 2023
Healthcare industry breaches cost an average of $10.93 million in 2023, the highest among sectors
Phishing attacks contributed to 16% of breaches with an average cost of $4.88 million
Lost business was the largest cost component at 36% or $1.6 million per breach in 2023
Detection and escalation costs averaged $1.48 million per breach globally in 2023
Post-breach response costs hit $1.39 million on average in 2023
Notification costs per breach averaged $0.31 million in the US in 2023
Organizations with high ransomware visibility saved $2.73 million per incident in 2023
AI and automation reduced breach costs by an average of $1.76 million in 2023
Zero trust approach saved $1.13 million per breach compared to others in 2023
Incident response teams with high maturity saved $2.05 million per breach
Cloud breaches cost $4.95 million on average versus $4.95 million hybrid in 2023
Stolen credentials were involved in 19% of breaches costing $4.88 million avg
Supply chain attacks cost $5.12 million on average in 2023
The total global cost of cybercrime is projected to reach $10.5 trillion annually by 2025
Data breaches cost businesses $4.35 million on average in 2022 per Ponemon
Identity theft resulted in $5.8 billion in losses in 2022 per FTC
Ransomware payments averaged $1.54 million per incident in 2023
Dark web data sales generated $1.3 billion in 2022
Credit card data theft cost $28.3 billion globally in 2022
Business email compromise scams led to $2.9 billion losses in 2022
Healthcare data breaches cost $9.77 million avg in 2022
Retail sector breach costs averaged $3.32 million in 2023
Finance sector averaged $5.96 million per breach in 2023
Energy sector breaches cost $5.47 million avg in 2023
Public sector averaged $3.20 million per breach cost in 2023
Manufacturing sector $5.01 million avg breach cost 2023

Financial Impact Interpretation

Despite the sky-high cost of complacency—where a single phishing click can cost a company nearly $5 million—the data proves that investing in AI, zero trust, and a sharp incident response team isn't just prudent security; it's the most cost-effective apology you'll never have to make.

Industries Affected

Healthcare was the most affected industry with 20% of breaches in 2023
Financial services saw 14% of all breaches in 2023 Verizon
Retail hit by 10% of incidents but higher costs
Public administration 12% of breaches in 2023
Manufacturing compromised in 13% of cases 2023
Education sector 9% of breaches per Verizon 2024
Energy/utilities 7% of incidents but high impact
Transportation 5% of breaches in 2023
25% of healthcare breaches involved ransomware 2023
Finance phishing attacks in 22% of sector breaches
Retail POS systems targeted in 30% incidents
Government espionage 40% of public sector attacks
Tech sector supply chain 25% of breaches 2023
Pharma IP theft 60% from China per FBI
Hospitality breaches up 28% post-pandemic
Communications 8% of Verizon breaches 2023
Consumer services 6% incidents high volume data

Industries Affected Interpretation

In the grand data heist of 2023, your medical bills, credit score, and even your takeout order were all up for grabs, but the government’s secrets and China’s favorite pharma formulas were clearly the premium targets.

Prevalence

There were 8,235 data breaches reported in the US in 2023
Globally, data breaches increased by 20% from 2022 to 2023
83% of organizations experienced more than one breach in 2023
Phishing was involved in 36% of breaches in 2023 per Verizon DBIR
74% of breaches involved a human element in 2023
Ransomware incidents rose 37% year-over-year in 2023
2,365 ransomware attacks confirmed in H1 2023
Data breaches occurred every 39 seconds globally in 2023
US had 3,205 breaches in 2023 per ITRC
India reported 1.3 million cyber incidents in 2022-23
UK saw 1,234 data breaches notified in 2023
Australia had 1,299 cyber incidents reported in 2023
16 billion records exposed in breaches in 2023
98% of organizations experienced a cyber incident in past 2 years
Supply chain compromises featured in 15% of breaches 2023
Vulnerability exploitation in 29% of web app breaches 2023
Use of stolen credentials in 49% of web app breaches
Brute force attacks in 14% of incidents per Verizon 2023
5,199 US data breaches exposed 953 million records in 2022
Equifax breach in 2017 affected 147 million people

Prevalence Interpretation

While we’ve all become experts at avoiding suspicious emails, the grim reality of 2023’s data theft statistics suggests we might as well have left our digital doors wide open, considering breaches were as frequent as a ticking clock and humans—often unwittingly—held the key in nearly three-quarters of these incidents.

Trends Mitigation

95% of breaches contained within 200 days in 2023
MFA blocked 99% of account compromise attempts 2023
AI-driven security reduced breach lifecycle by 28 days
Encrypted data harder to exploit, used in 50% incidents no loss
Incident response testing cut costs by $2.66 million avg
SIEM and XDR reduced MTTD by 37 days 2023
52% of breaches due to exploited vulnerabilities
Employee training reduced phishing success by 70%
Zero trust adoption grew 26% in breached orgs
Cloud security posture mgmt saved $1.49 million
Breach notification avg 47 days post-discovery 2023
Ransomware decryption success 0% without backup
Dark web monitoring detected 60% early threats
Patch management prevented 32% vuln exploits
Privilege access mgmt cut lateral movement 50%
GenAI in attacks rose to 8% of phishing 2024
Quantum threats to encryption in 10 years per NIST
Supply chain risk mgmt adopted by 71% post-SolarWinds
Average time to identify breach 204 days in 2023
Time to contain breach avg 73 days globally 2023
Customer churn post-breach averaged 12.4% in 2023

Trends Mitigation Interpretation

While defenses like MFA and zero trust are getting stronger, the sheer persistence of attackers—who often lurk undetected for months—means our security victories are less about building impenetrable walls and more about relentlessly shortening their stay and limiting the damage when they inevitably get in.

Victims Affected

422 million records stolen in 30 major breaches in 2023 Q1-Q3
Yahoo's 2013-2014 breaches impacted 3 billion accounts
Marriott breach 2018-2020 exposed 383 million guests
LinkedIn 2021 scrape affected 700 million users
Facebook Cambridge Analytica impacted 87 million users
Capital One 2019 breach hit 106 million customers
T-Mobile 2021 breach exposed 54 million customers
Optus Australia 2022 breach affected 10 million customers
MOVEit breaches in 2023 impacted 62 million individuals
Change Healthcare 2024 ransomware hit 1/3 of Americans
353 million records exposed in 2023 US healthcare breaches
110 million records in 521 financial breaches 2023 US
2.6 billion records from 1,900 retail breaches since 2005
1.5 billion personal records stolen in first half 2024
Snowflake breaches 2024 affected 165 organizations, millions records
National Public Data breach 2024 exposed 2.9 billion records
17 million French citizens' data stolen in 2024 DC Health
208 million UK voter records leaked 2024
1.2 billion Indian Aadhaar numbers exposed 2018
500 million LinkedIn profiles scraped 2021

Victims Affected Interpretation

These figures make it chillingly clear that in our hyper-connected age, personal data has become the most frequently and catastrophically spilled commodity, leaving us all perpetually mopping up a digital flood with a teaspoon.

Sources & References

Logos provided by Logo.dev