A data breach refers to any unauthorized or accidental access, use, disclosure, or destruction of personal data. Data breaches can occur through a variety of means, including cyberattacks, human error, or system malfunctions.
Data breaches can have serious consequences for affected individuals and organizations, including financial loss, reputational damage, and legal liabilities. As a result, data protection laws, such as the GDPR, require organizations to report data breaches to the relevant authorities and affected individuals.
Data breach statistics provide a clear indication of the significant risks and consequences of data breaches:
- According to the 2021 Cost of a Data Breach report by IBM, the average cost of a data breach was $4.24 million in 2021, a 10% increase from the previous year.
- The same report found that the time to identify and contain a data breach was 287 days on average, and breaches that took longer than 200 days to identify and contain were estimated to cost $4.87 million on average.
- The 2021 Data Breach Investigations Report by Verizon found that the most common type of data breach was phishing, which accounted for 36% of all data breaches. Other common types of data breaches included password attacks (21%) and cloud-based attacks (19%).
- In the first half of 2021, the number of data breaches reported in the United States increased by 38% compared to the same period in 2020, according to a report by the Identity Theft Resource Center.
- The same report found that the healthcare sector was the most affected by data breaches in the first half of 2021, accounting for 27.2% of reported breaches.
These statistics highlight the significant impact of data breaches on organizations and individuals, and the importance of implementing robust data protection measures to prevent and respond to data breaches.
