Data breach statistics by country in 2021

In the age of information, how safe is our personal data?

To clarify, we took a deep dive into worldwide data breaches in 2021 to see which countries were affected the most. We also took that data and compared it to last year’s statistics by country to paint a picture from a bird’s-eye view.

Some of the most notable cases this year belonged to:

Country
Outcome, worldwide
Numbers
The United States
Largest total number of breached users
A total of 212.4M users affected vs. 174.4M in 2020.
Iran
Biggest jump in breaches year over year
156.1M breached users in 2021 vs. 1.4M in 2020.
Find the latest data breach statistics in our new interactive world map

Visit here

2021 data breach statistics overview

In general, this year was slightly worse than the last in terms of data breach cases.

In the first 11 months of 2021, a total of 952.8M accounts were breached. In contrast, 921.8M breaches happened in 2020 during the same period (a 3.4% growth, or 31M, year over year). Some of the biggest data breaches this year included COMB, Clubhouse, Facebook and Raychat.

What does this mean? It means that nearly 1 billion email accounts have been exposed in both 2020 and 2021 each. That’s 1 in 5 internet users each year that get affected by data breaches. In theory, it could take only 5 years to expose the entire internet population at this rate.

However, that won’t be the case because, as we’ll see next, data breaches are more centralized across specific countries, and accounts can be breached more than once.

The top five countries with the largest number of data breaches account for more than half of all breaches of 2021. These countries are:

  1. The United States of America (212.4M).
  2. Iran (156.1M).
  3. India (86.6M).
  4. Russia (27M).
  5. France (24.6M).

If you want to deep dive into data breaches in India – watch this video.

This year, just like that last, the country that topped the data breach charts was the US, with 212.4M cases.

Rises in breaches year over year dominated in the Middle East

While the US citizens were breached a total of 212.4M times (a 22% increase compared to 2020), the numbers weren’t surprising considering the number of data breaches that happened this past year.

However, the Middle East particularly stood out among the countries that grew the most breach-wise.

Leaked data suggests that more than 150 million Iranian accounts (a 10842% rise from 2020) were compromised during the 2021 Raychat.io breach. The breach pushed Iran to a number two spot because the Raychat app is one of the most popular messaging platforms in the country. However, the Raychat breach may only be a start to Iran’s new problems. 2021 has also seen an intensification of the cyberwar between Israel and Iran as it reached the civilian level, which may result in an increased frequency of data breaches across the nation in the upcoming years.

Percentage-wise, Sudan came out with the second-highest rise in breaches users of 9.2M cases this year compared to 214.6K in 2020 (a 4178% increase). The United Arab Emirates were third with 515% (from 1.5M in 2020 to 9M in 2021), followed by Iraq with a 456% increase year over year.

India also came up fifth on the growth list this year with a 352% increase from 2020. It netted a total of 86.6M user accounts stolen over 9 big data breaches in 2021, including Domino’s India and Air India cases.

On the bright side, Indonesia has seen the best year-over-year improvement in the number of breached users. The country has seen a dramatic 95% drop in breached citizens (from 84.7M in 2020 to 4.4M in 2021). 

A positive outlook for the last quarter of 2021?

While 2021 has been worse than 2020 in terms of data breaches in the first three quarters, the remainder of the year seems positively promising.

We have seen a large drop in data breaches over the last three months. If this trend continues for the remainder of the year, we may see a total decrease of 8.8% in data breach numbers this year compared to the last.

Data & methodology

What sources does the study use?

Our independent partners collected loads of user data from breached databases that appeared online. 

This allowed us to sort through 27,000 leaked databases and create 5 billion combinations of data. Researchers could then sort those combinations based on specific data points, such as countries, and perform a statistical analysis of their findings.

The examined data was taken from a twelve-month period between November 2020 to November 2021. The selected data was then analyzed and compared to similar information of the year before.

What is a data breach?

In information security, a data breach is an incident in which data held by some party – a person, a company, etc. – is accessed, viewed, and potentially stolen by unauthorized third parties. In layman’s terms, a standard movie hacker accessing a database to steal secret plans would be a data breach. For our purposes, a data breach means that the intruder copied and leaked user data such as names, surnames, email addresses, passwords, etc. 

How are users’ locations identified? 

The data collected by our independent partners from breached databases that appear online is aggregated by data points that directly identify a user – more precisely, the email address.

For timeline accuracy, our independent partners record the actual time of the breach instead of when it becomes public. Therefore, the numbers in the past can change as new cases are reported. Data associations to specific breach instances in this study are only stipulated.

Download the full data here.

Rank
Country
2021
2020
Difference
Change, %
1
The U.S.
212.4M
174.4M
38M
22%
2
Iran
156.1M
1.4M
154.7M
10842%
3
India
86.6M
19.2M
67.4M
352%
4
Russian Federation
27M
35.9M
-8.9M
-25%
5
France
24.6M
17.4M
7.3M
42%
6
Brazil
24.2M
35M
-10.8M
-31%
7
UK
16.9M
16.3M
625.8K
4%
8
Iraq
13.9M
2.5M
11.4M
456%
9
Republic of Korea
13.6M
6.1M
7.5M
122%
10
China
12.9M
8.2M
4.7M
57%
11
Canada
12.3M
11.2M
1.1M
10%
12
Italy
11.1M
18.1M
-7M
-39%
13
Germany
10.3M
18.7M
-8.4M
-45%
14
Spain
9.8M
12.2M
-2.4M
-19%
15
Australia
9.6M
9.2M
336.4K
4%
16
Sudan
9.2M
214.6K
9M
4178%
17
United Arab Emirates
9M
1.5M
7.5M
515%
18
Netherlands
7.8M
4.3M
3.5M
83%
19
Montenegro
6.7M
4.6M
2.1M
46%
20
Turkey
5.9M
21.3M
-15.3M
-72%

How to prevent data breaches

We recommend using all available online security tools to lessen the chances of your data appearing in a data breach.

A VPN will encrypt your internet connection, which helps prevent your ISP from collecting data about your browsing habits. An email alias like Alternative ID is useful for online sign-ups, so your real email won’t get leaked. You can use Surfshark Alert, which will notify you whenever your data ends up in a data breach so you can react as fast as possible.

All of these tools are available to you if you download Surfshark.