Our team of researchers has collated data breach records spanning over 15 years to provide a running total of the number of breaches and records affected since 2005.
Since 2005, more than 11 billion individual records have been impacted in data breaches across the United States. From the start of 2005 to the end of 2020, there had been over 12,700 breaches across America. These have the potential to not only leave personal data exposed and vulnerable to hackers but can also have a detrimental impact on business share prices.
As of 2020, each lost or stolen record costs an average of $1501. Since 2005, the cost of all breached records could amount to more than $1.7 trillion.
Data records are lost or stolen at the following frequency
Based on previous records, over 6 million records are impacted by data breaches each day. That equates to 72 records per second. While this sounds an astronomical figure, studies indicate that almost 50 percent of US companies have experienced some form of data breach.
2016 was the biggest year for records affected
With over 4.6 billion records affected in 2016 alone, this was the biggest year for the number of records lost or stolen since 2005. Worldwide, over eight data breaches impacted over 10 million records each in 2016, too.
2016 wasn’t the biggest year for data breaches, however. This came a year later in 2017 when 1,683 breaches were reported across the United States.
What do these stats look like in your state?
Find out in our Which state has the most data breaches? report.
Methodology
1 The cost of a record for all of the years up to 2018 is set according to the annual Cost of a Data Breach study dating back to 2014 – $148. There was no clear trend in cost per record between 2014 and 2018, so we used the 2014 report’s figure for years prior. For 2019/20 figures, we used IBM’s updated Cost of a Data Breach study which put the cost per record at $150.
Sources:
- https://www.idtheftcenter.org/data-breaches/
- https://www.privacyrights.org/data-breaches
- https://oag.ca.gov/privacy/databreach/list?field_sb24_org_name_value=&field_sb24_breach_date_value%5Bmin%5D&field_sb24_breach_date_value%5Bmax%5D&order=created&sort=asc
- https://attorneygeneral.delaware.gov/fraud/cpu/securitybreachnotification/database/
- https://cca.hawaii.gov/
- https://www.in.gov/attorneygeneral/2874.htm
- https://www.iowaattorneygeneral.gov/for-consumers/security-breach-notifications/
- https://www.maine.gov/ag/consumer/identity_theft/index.shtml
- http://www.marylandattorneygeneral.gov/Pages/IdentityTheft/breachnotices.aspx
- https://www.mass.gov/lists/data-breach-notification-reports
- https://www.doj.nh.gov/consumer/security-breaches/a.htm
- https://dojmt.gov/consumer/data-breaches-businesses/
- https://www.cyber.nj.gov/data-breach-alerts
- https://iapp.org/media/pdf/resource_center/North_Carolina_State_Data_Breaches.pdf
- https://iapp.org/media/pdf/resource_center/North_Dakota_Data_Breaches_2018.pdf
- https://justice.oregon.gov/consumer/DataBreach/
- http://consumer.sc.gov/identity-theft-unit/security-breaches
- https://ago.vermont.gov/data-security-breaches/
- https://iapp.org/media/pdf/resource_center/Virginia_Data_Breaches_2018.pdf
- https://www.atg.wa.gov/data-breach-notifications
- https://datcp.wi.gov/Pages/Programs_Services/DataBreaches.aspx