UPDATED:Jan 30, 2024

Methodology

The Data Breach World Map was developed in partnership with independent cybersecurity researchers to visualize the scope and scale of data breaches worldwide. Most reporting on data breaches and leaks affecting companies globally doesn’t specify which countries were affected the most.
Thus, the Data Breach World Map is the first tool that shows the countries from which users are most affected by breaches.
A data breach means that an intruder copied and leaked user data such as names, surnames, email addresses, passwords, etc. One breached email address is considered as one breached user/account.
In the case of a data breach, a data point is a unit of private information. Here are some common data points that can appear in a leak:
  • Email address;
  • Username;
  • Full name;
  • Password (usually hashed);
  • Gender;
  • Country;
  • City;
  • Coordinates (latitude, longitude);
  • IP address;
  • Locale;
  • Currency;
  • Phone number.
If your data has been leaked, you might be at risk of being targeted by cybercriminals. Therefore, you should change your passwords immediately. For additional information on how data breaches could expose you to online threats and how to prevent any damage, check the Data Vulnerability Thermometer.
This tool takes your selected data points and calculates how much this leaked data could put you in danger.
In our partners' research, every breached email account is considered as one breached user/account. In data leaks and breaches, email addresses often come tied with other data points, which can help identify the user’s possible location.
To categorize data into different countries, the following data is considered:
  • Email domain name — only country-specific domain names like qq.com are used, while international ones are ignored;
  • Breached website domain — only domains of country-specific websites and services are used;
  • Country;
  • City;
  • Coordinates (latitude, longitude);
  • IP address;
  • Locale;
  • Currency;
  • Phone number.
The data cannot be 100% accurate as there are multiple factors that can distort the full picture:
  • Users enter incorrect information - purposefully or accidentally - in registration forms;
  • Users may claim to be located in uninhabited locations;
  • The IP address location can change;
  • Some products store made-up testing data in their production databases;
  • Phone numbers are difficult to validate without knowing the country of origin;
  • Currency isn’t a very reliable factor as users can live abroad;
  • Users sometimes register on foreign websites or use foreign email addresses;
  • A device’s locale can be set arbitrarily.
For timeline accuracy, our partners record the actual time of the breach instead of when it becomes public. Therefore, the numbers in the past can change as new cases are reported.
The data was collected by our independent partners from 29,000 publicly available databases and aggregated by email addresses. This data was then anonymized and passed on to Surfshark’s researchers to perform a statistical analysis of their findings.
To calculate the breached accounts per 100 people, population data was taken from the United Nations website.
Find the full research material here.
We are glad to have press coverage of our studies and encourage you to share our work. We give permission for anyone to use this study’s analysis and visuals as long as you:
  • Credit Surfshark (ideally with a link to the landing page);
  • Indicate if you made any changes to the original piece;
  • If you remix, transform, or build upon the aforementioned materials, you also need to share them under the same rules;
  • Don't use these materials for commercial purposes.
This project is licensed under Creative Commons 3.0 and the above-mentioned conditions are taken from it. If you have any questions or concerns about sharing our work, please contact [email protected] before using them.