Please fill in the form below to subscribe to our blog

10 Data Breach Statistics That You Don’t Want to Miss

September 01, 2022

These 10 Data Breach Statistics Illustrate Why a Data Breach is an Expensive Disaster


Just one security incident that ends in a data breach can strike a devastating blow to an organization’s revenue. Unfortunately, many organizations learn that lesson the hard way. The IBM Cost of a Data Breach 2022 report revealed that the cost of a data breach has gone up, reaching a new record high. The report also shines a light on the factors that can impact the cost of a data breach from its initial vector to geography, giving IT professionals a look at the devastating impact that a data breach can have on an organization’s bottom line. 


See cybercrime trends & the results of thousands of phishing simulations in The Global Year in Breach 2022. DOWNLOAD IT>>


10 Data Breach Statistics You Don’t Want to Miss


  1. The average cost of a data breach is a record-high $4.35 million  
  2. The average cost of a ransomware-related data breach is $4.54 million  
  3. Human error is the reason for almost one-quarter of data breaches  
  4. The cost of a data breach has climbed 12.7% in two years from 2020’s $3.86 million  
  5. Ransomware was at the root of 11% of breaches in 2022, up from 7.8% in 2021  
  6. An estimated 60% of businesses have increased prices due to the cost of a data breach  
  7. About 80% of companies have experienced more than one data breach  
  8. A data breach at an organization that has fully deployed security AI and automation costs 65.2% or $3.05 million less than average   
  9. A data breach costs $1 million more if remote workers are a factor   
  10. One-fifth of data breaches are caused by a supply chain compromise  

Source: IBM  


Learn to identify and mitigate fast-growing supply chain risk with this eBook. DOWNLOAD IT>>


The cost of a data breach has skyrocketed in just two years 


As noted above, the cost of a data breach in 2022 is $4.35 million, an increase of 2.6% from the 2021 cost of $4.2 million per incident. That cost just keeps rising. This chart offers a look at how the data breach landscape is progressing and the way that risk has evolved over time. This year’s growth in breach costs represents a major jump in the cost of a breach in a two-year span, up 12.7% from 2020’s $3.86 million, illustrating the constantly rising danger of a data security incident to businesses.    

Source: IBM 


The Computer Security To-Do List helps companies build a strong security culture. DOWNLOAD IT NOW>>


Geography plays a part in the cost of a data breach 


The location of the organization that experiences a data breach can be a big factor in determining the cost of that breach. The U.S. has held the top spot for data breach cost for 12 consecutive years, with an average data breach cost of $9.44 million. The Middle East region had the second-highest cost of a data breach at $7.46 million in 2022. Rounding out the top three, Canada is the third highest at $5.64 million up 4.4% from 2021. The average cost of a breach in the United Kingdom is $5.05 million, up a surprising 8.1% from 2021. The largest relative cost increase, occurred in Brazil where the cost of a data breach increased by 27.8%. In a rare spot of good news, good news, six of the 17 regions in the survey — Germany, Japan, France, South Korea, Scandinavia and Turkey — saw a decrease in the average total cost of a data breach, with costs in Turkey plummeting by 42%, dropping to $1.11 million in 2022. 

The Top 5 Countries or Regions with the Highest Data Breach Cost  

  1. The United States = $9.44 million   
  2. The Middle East = $7.46 million   
  3. Canada = $5.64 million   
  4. The United Kingdom = $5.05 million   
  5. Germany = $4.85 million 

Source: IBM 


Learn 5 red flags that could indicate a malicious insider is at work in your organization! DOWNLOAD INFOGRAPHIC>>


The healthcare sector has the highest data breach cost 


The industry with the most expensive data breach cost is healthcare, almost double the cost of the number two sector. The average cost of a healthcare data breach jumped almost $1 million to a record high of $10.1 million, which is 9.4% more than in 2021 and 41.6% more than in 2020. The financial sector is in second place, up 4.4% from $5.72 million in 2021 to $5.97 million in 2022. The cost of a data breach in the heavy industrial sector (comprised of critical infrastructure targets like chemical, engineering and manufacturing entities in this report), also ballooned, up 5.4% from $4.24 million in 2021 to $4.47 million in 2022. 

Source: IBM 


Drill down to the bottom line to see why security & compliance awareness training is a smart investment. GET IT>>


The attack vector also impacts breach costs 


The longer it takes to identify and contain a data breach, the more damage it does and the more it costs. The origin point of the incident that causes a data breach can make a big difference in its cost. The average time to identify and contain a data breach is 277 days. Stolen or compromised credentials are the initial attack vector with the longest mean time to identify and contain a breach, 327 days. Breaches caused by business email compromise had the second highest mean time to identify and contain, at 308 days. Phishing is the most expensive initial attack vector with the third longest time to identify and contain.  

Source: IBM 


Get a step-by-step guide to building an effective security and phishing awareness training program. GET GUIDE>>


Security Awareness Training Reduces Data Breach Risk


Companies that engage in regular security awareness training have 70% fewer security incidents. Security awareness training using phishing simulations also improves phishing awareness by an estimated 40%, reducing a company’s chance of an expensive data breach from vectors like credential compromise, phishing, employee mistakes and business email compromise. 

BullPhish ID makes conducting security and compliance awareness training and phishing simulations a snap for training administrators and employees.   

The benefits of choosing BullPhish ID include: 

  • New training videos and fresh phishing kits are added every month to keep training current.  
  • Easy-to-understand compliance training with video lessons that explain complex requirements in simple language.  
  • Train your way and on your schedule with plug-and-play phishing simulation kits or customizable content that can be tailored to fit your industry’s unique threats.   
  • Offer training in eight languages: English, Dutch, French, German, Italian, Portuguese, Spanish (Iberian/European) and Spanish (Latin).   
  • Leverage in-lesson quizzes and easy-to-read reports to see the value of training and know who needs additional support.    
  • Simplify the training process and make it convenient for every employee with a personalized user portal.    
  • Automatically generate and send reports to stakeholders.   

Want to learn more about security awareness training and how BullPhish ID can help secure your company and save you money? Explore the benefits of training with BullPhish ID today.   

Or, book a demo and see BullPhish ID in action


dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>