GITNUXREPORT 2026

Internet Security Statistics

Cyberattacks surged alarmingly in 2023 primarily due to widespread human error and inadequate training.

Min-ji Park

Min-ji Park

Research Analyst focused on sustainability and consumer trends.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Key Statistics

Statistic 1

There were 2,365 publicly disclosed data breaches in the US in 2023, a 72% increase from 2022 according to ITRC

Statistic 2

The average cost of a data breach in 2023 reached $4.45 million, up 15% over three years per IBM's Cost of a Data Breach Report

Statistic 3

MOVEit breaches exposed data of 62 million individuals in 2023, as tracked by SecurityWeek

Statistic 4

Change Healthcare breach affected 1/3 of Americans, exposing 100 million records per HHS

Statistic 5

23andMe breach leaked genetic data of 6.9 million users in 2023 per company notification

Statistic 6

Snowflake breaches impacted 165 organizations, leading to 100 million records stolen per Mandiant

Statistic 7

AT&T breach exposed call records of 109 million accounts per company disclosure

Statistic 8

MGM Resorts ransomware halted operations costing $100 million per SEC filing

Statistic 9

Clorox breach led to $49 million revenue loss in Q4 2023 per earnings call

Statistic 10

Uber breach via social engineering exposed source code in 2022 but impacts lingered into 2023

Statistic 11

LastPass breach affected 30 million users' vaults per company update

Statistic 12

Okta support breach compromised 134 customers per disclosure

Statistic 13

Caesars Entertainment paid $15 million ransom in 2023 breach per WSJ

Statistic 14

Change Healthcare paid undisclosed ransom estimated at $22 million per reports

Statistic 15

SAP NetWeaver vulnerabilities exploited in 1,200+ attacks per Onapsis

Statistic 16

Optus breach in Australia exposed 10 million customers' data in 2022 impacts 2023

Statistic 17

Twilio breach via MFA fatigue affected 163 customers per disclosure

Statistic 18

CitrixBleed vulnerability led to 50+ breaches exposing millions per company

Statistic 19

Medibank breach in Australia leaked 9.7 million records per OAIC

Statistic 20

British Library ransomware destroyed irreplaceable data per BBC

Statistic 21

MOVEit Transfer flaw exploited by Clop in 2,000+ orgs per Progress Software

Statistic 22

Multi-factor authentication (MFA) adoption stands at 52% among organizations per Microsoft's 2023 DNS report

Statistic 23

83% of organizations use AI/ML for threat detection per Palo Alto Networks 2023 survey

Statistic 24

Endpoint detection and response (EDR) tools blocked 1.2 billion malware attacks in 2023 per CrowdStrike

Statistic 25

Zero-trust architecture implemented by 81% of enterprises per Zscaler 2023 report

Statistic 26

Cloud security posture management (CSPM) tools detected 450 million misconfigurations in 2023 per Prisma Cloud

Statistic 27

SIEM systems processed 2.5 petabytes of log data daily on average per Splunk 2023 stats

Statistic 28

Passwordless authentication reduces risk by 99.9% per Microsoft study

Statistic 29

EDR adoption grew to 72% in enterprises per Gartner 2023 poll

Statistic 30

XDR platforms prevented 4.5 million attacks per vendor averages in 2023

Statistic 31

SASE adoption reached 40% globally per Gartner 2023

Statistic 32

CASB tools blocked 2.8 million shadow IT apps in 2023 per Netskope

Statistic 33

Behavioral analytics detected 78% of insider threats per Gurucul

Statistic 34

92% of executives use MFA but only 44% enforce it org-wide per Yubico

Statistic 35

Vulnerability management programs patch 85% of CVEs within 30 days per Tenable

Statistic 36

Threat hunting teams uncovered 55% more threats per Gartner

Statistic 37

Network segmentation reduced breach scope by 50% per NIST case studies

Statistic 38

DLP solutions prevented 1.1 million data exfiltrations per Forcepoint 2023

Statistic 39

SOAR automation cut response time by 66% per IBM X-Force

Statistic 40

Identity and access management (IAM) maturity low at 25% per SailPoint

Statistic 41

WAF blocked 5.2 trillion attacks in 2023 per F5 report

Statistic 42

UEBA tools flagged 92% of anomalous behaviors per Exabeam

Statistic 43

Global cybercrime costs are projected to reach $10.5 trillion annually by 2025 per Cybersecurity Ventures

Statistic 44

Ransomware cost businesses $20 billion in 2023 according to Chainalysis Crypto Crime Report

Statistic 45

Average ransomware payment was $1.54 million in 2023 per Sophos State of Ransomware

Statistic 46

Cyber insurance claims rose 50% in 2023 costing $3.5 billion per Munich Re

Statistic 47

BEC scams caused $2.9 billion in losses in 2023 per FBI IC3 report

Statistic 48

Downtime from breaches cost $9,440 per minute per Ponemon Institute

Statistic 49

Healthcare breach costs averaged $10.93 million in 2023 per IBM

Statistic 50

Retail sector saw $3.37 million average breach cost per IBM

Statistic 51

Financial services breaches cost $5.9 million on average per IBM 2023

Statistic 52

Lost productivity from cyber incidents cost $1.5 trillion globally per McAfee

Statistic 53

Detection and escalation costs averaged $1.92 million per breach per IBM

Statistic 54

Notification costs post-breach hit $0.31 million average per IBM 2023

Statistic 55

Brand damage from breaches lasts 2.3 years costing $1.4 million extra per Ponemon

Statistic 56

Post-breach stock price drops average 8% per University of Texas study

Statistic 57

SMBs face 43% higher breach costs relative to revenue per IBM

Statistic 58

Average time to identify breach is 204 days per IBM 2023, costing extra $4.5 million

Statistic 59

Containment costs averaged $1.58 million per IBM report

Statistic 60

Ex-post breach response consumed 28% of total costs per IBM

Statistic 61

Breach fines and penalties averaged $0.44 million per IBM

Statistic 62

Lost business costs $1.5 million average from breaches per IBM

Statistic 63

Customer churn post-breach at 32% per Ponemon

Statistic 64

In 2023, ransomware attacks increased by 73% year-over-year, affecting over 2,200 victims worldwide according to the Emsisoft Ransomware Report

Statistic 65

DDoS attacks surged by 178% in the first half of 2023 compared to 2022, with over 8.46 million incidents recorded by Cloudflare

Statistic 66

Phishing attacks accounted for 36% of all data breaches in 2023 per Verizon's DBIR

Statistic 67

State-sponsored attacks rose 150% in 2023 with China-linked groups active in 50+ countries per Microsoft

Statistic 68

Supply chain attacks increased by 42% in 2023 per Sonatype report

Statistic 69

IoT devices faced 1.5 billion attacks per week in Q1 2024 per SonicWall

Statistic 70

Mobile malware samples grew to 12.7 million in 2023 per Kaspersky

Statistic 71

Cryptojacking incidents increased 29% to 76 million in 2023 per SonicWall

Statistic 72

APT groups numbered 148 active in 2023 per CrowdStrike Global Threat Report 2024

Statistic 73

Vulnerability exploits in breaches dropped to 29% but severity rose per Verizon

Statistic 74

Deepfake incidents in attacks tripled to 3,000+ in 2023 per Home Security Heroes

Statistic 75

Zero-day vulnerabilities exploited in 25% of intrusions per Google TAG

Statistic 76

Botnet attacks hit 7.2 billion per day in 2023 per Imperva

Statistic 77

Fileless malware attacks grew 225% in 2023 per Malwarebytes

Statistic 78

Nation-state actors conducted 40% of observed attacks per Mandiant M-Trends 2024

Statistic 79

Watering hole attacks targeted 150+ orgs in 2023 per Recorded Future

Statistic 80

Credential stuffing attacks hit 200 billion attempts in 2023 per Akamai

Statistic 81

Spyware infections rose 50% targeting journalists per Amnesty International

Statistic 82

ICS/OT attacks doubled to 400 per week per Dragos 2023

Statistic 83

Magecart attacks on e-commerce sites hit 1,800 in 2023 per RiskIQ

Statistic 84

Infostealer malware stole 2 billion credentials in 2023 per SpyCloud

Statistic 85

74% of breaches involved a human element like phishing or error per Verizon DBIR 2024

Statistic 86

95% of cybersecurity issues are due to human error according to Help Net Security survey

Statistic 87

Only 24% of employees received cybersecurity training in the past year per Proofpoint 2023 report

Statistic 88

81% of hacking-related breaches used stolen credentials per Verizon DBIR 2024

Statistic 89

Password reuse is practiced by 59% of users per Google 2023 survey

Statistic 90

Social media phishing success rate is 3.24% vs email's 0.05% per KnowBe4

Statistic 91

Use of compromised personal devices in breaches rose 20% per Verizon DBIR

Statistic 92

43% of users click phishing links in simulations per Proofpoint

Statistic 93

Remote workers 300% more likely to infect systems per Zscaler

Statistic 94

68% of breaches involved privileged credentials per BeyondCorp study

Statistic 95

Generative AI phishing emails rose 1,265% in late 2023 per SlashNext

Statistic 96

Only 15% of SMBs have incident response plans per Accenture

Statistic 97

Misconfigurations caused 60% of cloud breaches per Palo Alto 2023

Statistic 98

91% of organizations experienced phishing attempts per Proofpoint 2024

Statistic 99

Employee training reduces phishing success by 70% per Infosec Institute

Statistic 100

IoT devices in breaches increased 150% per Verizon DBIR

Statistic 101

52% of users share passwords with colleagues per LastPass study

Statistic 102

Vishing calls rose 344% in 2023 per Barracuda

Statistic 103

Third-party breaches caused 44% of incidents per UpGuard

Statistic 104

70% of employees bypassed security policies per Varonis

Statistic 105

AI-generated phishing evaded detection 60% more per Egress

Sources
Trusted by 500+ publications
Harvard Business ReviewThe GuardianFortune+497
Imagine a world where cyberattacks surged by 73%, ransomware payments averaged $1.5 million, and human error was behind a staggering 95% of security incidents; welcome to the alarming reality of internet security in 2023, a year where digital defenses were tested like never before.

Key Takeaways

  • In 2023, ransomware attacks increased by 73% year-over-year, affecting over 2,200 victims worldwide according to the Emsisoft Ransomware Report
  • DDoS attacks surged by 178% in the first half of 2023 compared to 2022, with over 8.46 million incidents recorded by Cloudflare
  • Phishing attacks accounted for 36% of all data breaches in 2023 per Verizon's DBIR
  • There were 2,365 publicly disclosed data breaches in the US in 2023, a 72% increase from 2022 according to ITRC
  • The average cost of a data breach in 2023 reached $4.45 million, up 15% over three years per IBM's Cost of a Data Breach Report
  • MOVEit breaches exposed data of 62 million individuals in 2023, as tracked by SecurityWeek
  • 74% of breaches involved a human element like phishing or error per Verizon DBIR 2024
  • 95% of cybersecurity issues are due to human error according to Help Net Security survey
  • Only 24% of employees received cybersecurity training in the past year per Proofpoint 2023 report
  • Multi-factor authentication (MFA) adoption stands at 52% among organizations per Microsoft's 2023 DNS report
  • 83% of organizations use AI/ML for threat detection per Palo Alto Networks 2023 survey
  • Endpoint detection and response (EDR) tools blocked 1.2 billion malware attacks in 2023 per CrowdStrike
  • Global cybercrime costs are projected to reach $10.5 trillion annually by 2025 per Cybersecurity Ventures
  • Ransomware cost businesses $20 billion in 2023 according to Chainalysis Crypto Crime Report
  • Average ransomware payment was $1.54 million in 2023 per Sophos State of Ransomware

Cyberattacks surged alarmingly in 2023 primarily due to widespread human error and inadequate training.

Breach Incidents

  • There were 2,365 publicly disclosed data breaches in the US in 2023, a 72% increase from 2022 according to ITRC
  • The average cost of a data breach in 2023 reached $4.45 million, up 15% over three years per IBM's Cost of a Data Breach Report
  • MOVEit breaches exposed data of 62 million individuals in 2023, as tracked by SecurityWeek
  • Change Healthcare breach affected 1/3 of Americans, exposing 100 million records per HHS
  • 23andMe breach leaked genetic data of 6.9 million users in 2023 per company notification
  • Snowflake breaches impacted 165 organizations, leading to 100 million records stolen per Mandiant
  • AT&T breach exposed call records of 109 million accounts per company disclosure
  • MGM Resorts ransomware halted operations costing $100 million per SEC filing
  • Clorox breach led to $49 million revenue loss in Q4 2023 per earnings call
  • Uber breach via social engineering exposed source code in 2022 but impacts lingered into 2023
  • LastPass breach affected 30 million users' vaults per company update
  • Okta support breach compromised 134 customers per disclosure
  • Caesars Entertainment paid $15 million ransom in 2023 breach per WSJ
  • Change Healthcare paid undisclosed ransom estimated at $22 million per reports
  • SAP NetWeaver vulnerabilities exploited in 1,200+ attacks per Onapsis
  • Optus breach in Australia exposed 10 million customers' data in 2022 impacts 2023
  • Twilio breach via MFA fatigue affected 163 customers per disclosure
  • CitrixBleed vulnerability led to 50+ breaches exposing millions per company
  • Medibank breach in Australia leaked 9.7 million records per OAIC
  • British Library ransomware destroyed irreplaceable data per BBC
  • MOVEit Transfer flaw exploited by Clop in 2,000+ orgs per Progress Software

Breach Incidents Interpretation

It seems that in the grand, modern heist of data, we're not just failing to guard the vault but leaving the blueprints and a complimentary keychain on the front steps, judging by a year where breaches skyrocketed, costs ballooned, and everyone from your genetic code to your grandma's bingo night was up for grabs.

Defense Technologies

  • Multi-factor authentication (MFA) adoption stands at 52% among organizations per Microsoft's 2023 DNS report
  • 83% of organizations use AI/ML for threat detection per Palo Alto Networks 2023 survey
  • Endpoint detection and response (EDR) tools blocked 1.2 billion malware attacks in 2023 per CrowdStrike
  • Zero-trust architecture implemented by 81% of enterprises per Zscaler 2023 report
  • Cloud security posture management (CSPM) tools detected 450 million misconfigurations in 2023 per Prisma Cloud
  • SIEM systems processed 2.5 petabytes of log data daily on average per Splunk 2023 stats
  • Passwordless authentication reduces risk by 99.9% per Microsoft study
  • EDR adoption grew to 72% in enterprises per Gartner 2023 poll
  • XDR platforms prevented 4.5 million attacks per vendor averages in 2023
  • SASE adoption reached 40% globally per Gartner 2023
  • CASB tools blocked 2.8 million shadow IT apps in 2023 per Netskope
  • Behavioral analytics detected 78% of insider threats per Gurucul
  • 92% of executives use MFA but only 44% enforce it org-wide per Yubico
  • Vulnerability management programs patch 85% of CVEs within 30 days per Tenable
  • Threat hunting teams uncovered 55% more threats per Gartner
  • Network segmentation reduced breach scope by 50% per NIST case studies
  • DLP solutions prevented 1.1 million data exfiltrations per Forcepoint 2023
  • SOAR automation cut response time by 66% per IBM X-Force
  • Identity and access management (IAM) maturity low at 25% per SailPoint
  • WAF blocked 5.2 trillion attacks in 2023 per F5 report
  • UEBA tools flagged 92% of anomalous behaviors per Exabeam

Defense Technologies Interpretation

Despite the impressive array of digital shields and smart algorithms we've built, our security posture remains a tale of two trends: remarkable technological defenses are constantly battling the relentless tide of threats, while being critically undermined by inconsistent human adoption and enforcement.

Economic Impacts

  • Global cybercrime costs are projected to reach $10.5 trillion annually by 2025 per Cybersecurity Ventures
  • Ransomware cost businesses $20 billion in 2023 according to Chainalysis Crypto Crime Report
  • Average ransomware payment was $1.54 million in 2023 per Sophos State of Ransomware
  • Cyber insurance claims rose 50% in 2023 costing $3.5 billion per Munich Re
  • BEC scams caused $2.9 billion in losses in 2023 per FBI IC3 report
  • Downtime from breaches cost $9,440 per minute per Ponemon Institute
  • Healthcare breach costs averaged $10.93 million in 2023 per IBM
  • Retail sector saw $3.37 million average breach cost per IBM
  • Financial services breaches cost $5.9 million on average per IBM 2023
  • Lost productivity from cyber incidents cost $1.5 trillion globally per McAfee
  • Detection and escalation costs averaged $1.92 million per breach per IBM
  • Notification costs post-breach hit $0.31 million average per IBM 2023
  • Brand damage from breaches lasts 2.3 years costing $1.4 million extra per Ponemon
  • Post-breach stock price drops average 8% per University of Texas study
  • SMBs face 43% higher breach costs relative to revenue per IBM
  • Average time to identify breach is 204 days per IBM 2023, costing extra $4.5 million
  • Containment costs averaged $1.58 million per IBM report
  • Ex-post breach response consumed 28% of total costs per IBM
  • Breach fines and penalties averaged $0.44 million per IBM
  • Lost business costs $1.5 million average from breaches per IBM
  • Customer churn post-breach at 32% per Ponemon

Economic Impacts Interpretation

The startling statistics reveal that cybercrime has evolved from a digital nuisance into a trillion-dollar parasite, methodically siphoning not just cash but time, trust, and entire market valuations from the global economy.

Threat Landscape

  • In 2023, ransomware attacks increased by 73% year-over-year, affecting over 2,200 victims worldwide according to the Emsisoft Ransomware Report
  • DDoS attacks surged by 178% in the first half of 2023 compared to 2022, with over 8.46 million incidents recorded by Cloudflare
  • Phishing attacks accounted for 36% of all data breaches in 2023 per Verizon's DBIR
  • State-sponsored attacks rose 150% in 2023 with China-linked groups active in 50+ countries per Microsoft
  • Supply chain attacks increased by 42% in 2023 per Sonatype report
  • IoT devices faced 1.5 billion attacks per week in Q1 2024 per SonicWall
  • Mobile malware samples grew to 12.7 million in 2023 per Kaspersky
  • Cryptojacking incidents increased 29% to 76 million in 2023 per SonicWall
  • APT groups numbered 148 active in 2023 per CrowdStrike Global Threat Report 2024
  • Vulnerability exploits in breaches dropped to 29% but severity rose per Verizon
  • Deepfake incidents in attacks tripled to 3,000+ in 2023 per Home Security Heroes
  • Zero-day vulnerabilities exploited in 25% of intrusions per Google TAG
  • Botnet attacks hit 7.2 billion per day in 2023 per Imperva
  • Fileless malware attacks grew 225% in 2023 per Malwarebytes
  • Nation-state actors conducted 40% of observed attacks per Mandiant M-Trends 2024
  • Watering hole attacks targeted 150+ orgs in 2023 per Recorded Future
  • Credential stuffing attacks hit 200 billion attempts in 2023 per Akamai
  • Spyware infections rose 50% targeting journalists per Amnesty International
  • ICS/OT attacks doubled to 400 per week per Dragos 2023
  • Magecart attacks on e-commerce sites hit 1,800 in 2023 per RiskIQ
  • Infostealer malware stole 2 billion credentials in 2023 per SpyCloud

Threat Landscape Interpretation

The internet's bad actors have clearly taken "new year, new me" to heart, launching a full-spectrum assault that’s less a subtle pickpocketing and more a frenzied, multi-pronged heist on everything from our data and devices to our very sense of reality.

User Vulnerabilities

  • 74% of breaches involved a human element like phishing or error per Verizon DBIR 2024
  • 95% of cybersecurity issues are due to human error according to Help Net Security survey
  • Only 24% of employees received cybersecurity training in the past year per Proofpoint 2023 report
  • 81% of hacking-related breaches used stolen credentials per Verizon DBIR 2024
  • Password reuse is practiced by 59% of users per Google 2023 survey
  • Social media phishing success rate is 3.24% vs email's 0.05% per KnowBe4
  • Use of compromised personal devices in breaches rose 20% per Verizon DBIR
  • 43% of users click phishing links in simulations per Proofpoint
  • Remote workers 300% more likely to infect systems per Zscaler
  • 68% of breaches involved privileged credentials per BeyondCorp study
  • Generative AI phishing emails rose 1,265% in late 2023 per SlashNext
  • Only 15% of SMBs have incident response plans per Accenture
  • Misconfigurations caused 60% of cloud breaches per Palo Alto 2023
  • 91% of organizations experienced phishing attempts per Proofpoint 2024
  • Employee training reduces phishing success by 70% per Infosec Institute
  • IoT devices in breaches increased 150% per Verizon DBIR
  • 52% of users share passwords with colleagues per LastPass study
  • Vishing calls rose 344% in 2023 per Barracuda
  • Third-party breaches caused 44% of incidents per UpGuard
  • 70% of employees bypassed security policies per Varonis
  • AI-generated phishing evaded detection 60% more per Egress

User Vulnerabilities Interpretation

We have thoroughly armored our digital castles with the latest firewalls and encryption, yet we continue to leave the main gate wide open, manned by overworked, undertrained, and occasionally click-happy humans who are just trying to do their jobs.

Sources & References

Logos provided by Logo.dev