Why it matters: A recent study investigating data breaches throughout 2023 reveals a total of 299.8 million accounts were compromised across the year. While this figure is alarmingly high, it represents an 18% reduction from the 366.7 million breached accounts in 2022. Despite this global decrease, the situation in the United States has worsened, with the number of breaches tripling, positioning it as the world's most frequently targeted country.
The Global data breach statistics report comes from Surfshark, which counts every leaked email address used to register for online services as a separate user account.
The biggest takeaway beyond the number of breaches falling 18% last year is that of the near 300 million compromised users, a third of them were of American origin.
The number of breaches in the US increased from 30.9 million to 96.7 million in 2023. Russia, meanwhile, saw a 27% decline in its breaches, dropping from 107.7 million to 78.4 million, moving it from the top spot to second place.
Europe was the region most affected by breaches – 39% of accounts breached last year were European.
Russia was the top country based on breach density, which is calculated by dividing a nation's total number of breaches by its population, indicating the likelihood of someone becoming a victim. The US was in second place based on this metric, with 285 accounts per 1,000 residents compromised.
Surfshark also collated the biggest breaches of 2023. The LinkedIn incident reported in August was the largest, with 11.4 million emails compromised. The next four were Russian services, with Duolingo's breach that affected 2.6 million emails in sixth place.
A different group, the Identity Theft Resource Center (ITRC), released a similar report that focuses only on the US. It states that the total number of breaches went up 43% YoY in 2023, though the total number of victims declined 16%.
ITRC notes that T-Mobile was the biggest incident, with 37 million victims impacted, while healthcare was the most-targeted industry. This backs up Omdia's report in January that showed healthcare suffered more cyberattacks than any other sector last year.
As for specific attack vectors, cyberattacks were the most popular, followed by system and human errors, physical attacks, and supply chain attacks.