Data breaches rise globally in Q3 of 2022

With the final part of the year fast approaching, we’ve refreshed our existing data to report once again on the state of global data breaches for Q3 of 2022 (July, August, and September). 

This article will give a high-level overview of which countries had the most data breaches over the last three months. We’ll compare key trends with findings from Q2 as well as touch on the biggest (and most costly) data breach occurrences and their affected sectors.

Quick overview of Q3 2022 breaches:

  • A total of 108.9M accounts were breached in 2022’Q3
  • Quarter-over-quarter breach rates were 70% higher in Q3 than in Q2
  • The top 5 countries and regions most affected by data breaches in Q3 2022 were Russia, France, Indonesia, The U.S., and Spain
  • Russia took the lead for the most breached users in Q3 — 22.3M
  • France had the highest breach density, with an average of 212 leaked accounts per 1,000 people

70% more account breaches in Q3 compared to Q2

Research shows that global data breaches are continuing to climb, with Q3 giving rise to the most data breaches this year. In the last three months alone, a total of 108.9M accounts were breached globally, meaning that 14 accounts were leaked every second, as opposed to 8 per second in Q2.

All in all, quarter-over-quarter breach rates are 70% higher than in Q2. 

This year’s quarterly data breach average has been recorded at 72.8M. In the last three months alone, the average has risen by 50% to 108.9M global account breaches. More specifically, 64,364,633 accounts were breached in Q2, while 108,888,899 accounts were breached in Q3. This equates to a 69.2% spike, or 44.5M rise from quarter to quarter. 

We’ll now delve deeper into the countries that were most affected (so far) by global data breaches in 2022. While some nations have worked towards and succeeded in lowering month-over-month data leaks, others have seen significant spikes. 

And, due to ongoing global conflicts, policy changes, and more – some countries that were never a concern have popped up on the worldwide data breach radar with higher statistics than ever before. The countries and regions most affected by data breaches in Q3 2022 include Russia, France, Indonesia, The U.S., Spain, China, and more.

Check out an interactive world map for an informative window into data breaches per country.

Find out more

Russia takes the lead, once again, for the most breached users

The below five countries have the highest data breach numbers of Q3 2022 and account for more than half of all breaches worldwide. 

Total breached users
22.3 Million
13.8 Million
13.3 Million
The U.S.
8.5 Million
3.9 Million

Last quarter saw Russia dominating the fold in terms of global data breaches, followed by China and Brazil. The United States took the fourth position, surpassing South Korea, which came in fifth. In Q3, Russia and the United States remained in the top 5 positions, while the rest fell out of the running to be replaced by France, Indonesia, and Spain

Throughout this decade, the United States remained the single most breached country. However, the situation shifted at the start of 2022.

Russia took over this dubious title, showing the single highest global breach count for the third quarter in a row. And while Russia did show a slight decrease in recorded cases from Q2 to Q3, they still lead by a significant margin, with 8.5M more cases than France.

Last quarter, Belarus joined the top 20 countries with the most data breaches (in 19th position), with 539K reported breaches and a 4x growth from the previous quarter. Ukraine experienced a 14% drop in breached users quarter-over-quarter, which took them to the 17th position globally.

France has the highest Q3 breach density of any country

On average, 14 accounts were leaked for every 1,000 people around the world. But, some countries have substantially higher data leak volumes, up to 10x more than the global average.

No. of leaked accounts per 1,000 people

Some countries saw a 1000% increase in breach rates

While France and Russia continued to record the highest data breach density, other countries throughout Africa, South America, and Asia have been experiencing drastic quarter-over-quarter (QoQ) data breach rates by up to 1,000% and beyond. Below are the countries most affected by data breach spikes.  

Breaches (Q2)
Breaches (Q3)
QoQ increase

Keep in mind that countries with a population density lower than 1M were omitted from the above list. However, it’s interesting to note that Iceland, a country with a population of less than 400K, showed a significant jump in online data breach rates, going from 6233 in Q2 to 1,063,864 in Q3 of 2022.  an unprecedented spike for such a small population and by far the highest data breach rate in Scandinavia in 2022.

Europe was the most affected region by breaches in Q3

Europe recorded 52M individual breaches in Q3 alone – the highest of any other continent. Asia followed with 24.24M while North America recorded 9.8M.

Q2 2022
Q3 2022
Breach count
Breach count
North America
South America

Europe made up almost 50% of total Q3 breaches, with 40% of attacks having come from Russia. Asia was the second most vulnerable region for the second quarter in a row, while Africa saw a 300% rise in data breaches, followed by North America with a 265% increase.

Timeline of the biggest Q3 data breaches

Data breaches can destroy an organization’s reputation in the blink of an eye, causing irreparable financial damage, loss of intellectual property, etc. Below are some of the biggest corporate data leaks recorded in the last few months. 

1. Grupo Financiero Banorte (México)

In August 2022, one of Mexico’s largest commercial banks, Banorte, suffered a crippling data breach where 2.1M emails were leaked, along with full names, home addresses, phone numbers, and tax IDs of more than 10 million clients.

2. La Poste Mobile (France)

In July 2022, French telephone operator La Poste Mobile suffered a ransomware attack that severely impacted its administrative services and resulted in at least 533K leaked email accounts.

3. TAP Air Portugal (Portugal)

In August 2022, TAP Air Portugal, the country’s flagship airline, experienced a massive data breach when Ragnar Locker Ransomware breached the company’s servers, leaking 5M email accounts. It’s also speculated that the attackers accessed traveler names, birth dates, and home addresses.

4. Plex (United States) 

In August 2022, Plex, the U.S.-based media streaming service, detected a breach in its main database, resulting in 15M leaked email accounts and potential password breaches for close to 30 million registered users. 

5. Nelnet Servicing (US)

Finally, in August 2022, systems of technology services provider Nelnet Servicing fell victim to a massive cyberattack where around 2.5 million individuals with student loans from Oklahoma Student Loan Authority (OSLA) and EdFinancial were exposed after hackers breached the systems.

Stay vigilant — Q3 shows that data breaches continue to rise

Looking at the big picture, 2022 seems like a promising year. The number of breached accounts has significantly gone down compared to 2021. Nonetheless, we should not let our guards down. Q3 of 2022 showed a 70% increase in breaches compared to Q2, and while this number is lower than last year, it’s still an increase. This just shows how important it is to remain vigilant and keep your personal information safe at all times. 

Data & methodology

To compile this report, we looked into data breaches occurring from July to September 2022 (Q3) and compared them with numbers from April to June 2022 (Q2).

Countries with a population lower than 1M were excluded from the rankings as they are often outliers in global distribution per population metrics due to small population numbers. 

Note: Excluding countries and territories with fewer than 1M population does not significantly impact global statistics as they account for less than 1% of the worldwide population.

What is a data breach?

In information security, a data breach is an incident in which data held by some party – a person, a company, etc. – is accessed, viewed, or potentially stolen by unauthorized third parties. For example, a hacker accessing a database to steal secret plans would constitute a data breach. For our purposes, a data breach means that the intruder copied and leaked user data such as names, surnames, email addresses, passwords, etc. 

How are users’ locations identified? 

The data collected by our independent partners from breached databases that appear online is aggregated by data points that directly identify a user – more precisely, their email address.

For timeline accuracy, our independent partners record the actual time of the breach as opposed to when it first becomes public. Therefore, past numbers can change as new cases are reported. 


  • Breach count/breaches – number of leaked profiles, accounts, or email addresses.
  • Breach rate – breaches per period of time.
  • Breach density – breach count of a country per country’s population

For further findings on global data breach statistics, download the complete data here.

What sources does the study use?

Our independent partners collected user data from breached databases that appeared online. 

These findings allowed us to sort through 27,000 leaked databases and create 5 billion data combinations. Our researchers then sorted these combinations based on specific data points, such as countries, and performed a statistical analysis of their findings.