Ukraine’s invasion and data breaches

With war strategies becoming increasingly more sophisticated, the threat of war-time data breaches is rising. This week's chart delves into data breaches sustained in the build-up to and throughout the Russo-Ukrainian war, highlighting the overall scale and impact.

Key insights

• During the period leading up to Russia’s invasion of Ukraine (Q4 of 2021), Russia’s data breach levels stayed at roughly the same level compared to the quarter prior. In contrast, breached Ukrainian accounts nearly tripled, going from 345k to 923k. Political tension during this period was high, and this increase in data breaches likely marked the beginning of the cyberwar between the two countries.
• The following quarter which marked the beginning of the invasion (Q1 of 2022) saw a steep drop in global breaches, and a two-fold decrease in Ukrainian breaches. Meanwhile, Russia saw an unprecedented 7-time surge, its number of breached accounts growing from 7.4M to 52.4M - likely the result of hackers mobilizing on the cyberfront in defense of Ukraine.
• By Q1 of 2023 - a year after the start of the war - data breach levels in both Ukraine and Russia had gone down and Ukraine’s breaches come in line with the global trend. Ukraine saw 134k breached accounts, while Russia had 6.8 million.

Methodology and sources

Drawing on data from our Data Breach Monitoring study, we analyzed the total number of breached accounts in Russia, Ukraine, and globally each quarter between Q1 of 2020 to Q1 of 2023. To eliminate the countries' impact on the global trend, their totals were subtracted from the global values. While the quarterly totals for Russia and Ukraine were presented in the graphs, global breaches were expressed as relative values derived by multiplying global quarterly totals by the country’s to-global peak values ratio.

Data was collected from: