The US Had The Largest Data Breach Increase In 2023, Report Finds

According to reports, including one by SurfShark, last year saw a noticeable difference in the digital space: a decrease in the total number of breached accounts globally, from 366.7 million in 2022 to 299.8 million in 2023.

This 18% drop means there was a genral sense of improvement in cybersecurity measures across the globe. However, not all news is good news. In particular countries like the United States, Russia, and France, the number of compromised accounts remains high.


Which Countries are Most Affected?


When we look into the specifics, the situation varies widely by country:

  • The United States saw a worrying increase, with 96.7 million accounts compromised.
  • Russia experienced a decrease in breaches, yet still had a high total of 78.4 million.
  • France, Spain, and India showed mixed results, with variations in the number of affected accounts.


Data Analyst John Smith from CyberSecure notes, “Data breaches are a global issue, affecting millions. It’s essential for countries to share strategies and work together to improve cybersecurity.”


How Did Different Regions Fare?


In terms of regional data, there’s a diverse picture:

  • Europe was the most breached region but saw a 27% reduction in breaches.
  • North America, in contrast, experienced an increase, highlighting varying success rates across continents.
  • Asia, South America, and Oceania reported fewer breaches, showing signs of improvement, while Africa marked notable advancements in cybersecurity measures.


What About Breach Density?


Breach density, the likelihood of experiencing a data breach relative to a country’s population, brings another dimension to understanding cybersecurity:


  • Residents in Russia are more likely to face a data breach compared to those in the United States.
  • Smaller countries like Taiwan and Czechia also reported high breach densities, indicating that size does not always determine security levels.

Noteworthy Breaches of the Year


Several data breaches have made headlines, showing how there is still a long way to go in protecting personal information:

  • LinkedIn experienced a leak of 11.5 million emails.
  • Four major Russian platforms were breached, contributing to the country’s high numbers.
  • Other platforms, including Duolingo and, suffered breaches impacting millions.



Data Breaches To Think About, Every Month In 2023


January 2023:

Slick Cash Loan: Personal and financial info of more than 2 million people were exposed due to a mishandled and outdated database. The exposed data included names, addresses, phone numbers, email addresses, loan amounts, to name a few​​.


February 2023:

Mailchimp: An incident where attackers used social engineering to gain access to customer service systems, leading to the exposure of data related to 133 Mailchimp accounts, impacting email newsletters and marketing services for various companies​​.


March 2023:

Okta: A third-party customer support engineer’s laptop was compromised, potentially affecting hundreds of clients of the identity and access management company. While Okta claimed minimal customer impact, the breach raised significant concerns about supply chain security​​.


April 2023:

Cash App Investing: The breach exposed the personal information of 8.2 million current and former customers, including full names, brokerage account numbers, brokerage portfolio value, and holdings​​.


May 2023:

Toyota: Unauthorised access to a server led to the potential leak of 296,019 email addresses and customer control numbers associated with the T-Connect service​​.


June 2023:

Block: An employee downloaded reports from Cash App containing U.S. customer information, affecting 8.2 million users​​.


July 2023:

Cisco: Experienced a cyber attack where an employee’s credentials were compromised through social engineering, leading to data theft, although the company claimed no sensitive customer information was compromised​​.


August 2023:

Revolut: An unauthorised third party gained access to the system, affecting tens of thousands of users, with data exposed including names, addresses, email addresses, phone numbers, and partial payment card details​​.


September 2023:

DarkBeam: A misconfiguration exposed 3.8 billion records, including user emails and passwords from previously reported and non-reported data breaches​​.


October 2023:

ICMR Indian Council of Medical Research: The breach exposed personal data of 815 million Indian residents from the Covid-testing database, including names, ages, genders, addresses, passport numbers, and Aadhaar numbers​​.


November 2023:

Kid Security: Exposed more than 300 million records, including user activity logs, telephone numbers, email addresses, and some payment card data due to misconfigured Elasticsearch and Logstash instances​​.


December 2023:

Unprotected Real Estate Wealth Network: Over 1.5 billion records exposed, containing property ownership data related to millions of people, including celebrities, due to an unprotected database​​.