Cybersecurity|Cybersecurity statistics

Data breach statistics: Q3 2023

Data breach statistics: Q3 2023

A data breach is a common digital threat to personal information. It happens when confidential and sensitive data gets exposed to unauthorized third parties. Data breaches have various causes — from a system vulnerability to human error. The exposure of personal information can inflict severe damage to both people and companies; that’s why dedicating time and resources to data breach prevention is essential.

At Surfshark, we monitor global data breach statistics and report our findings every quarter. In this article, we are taking a deeper look into the latest data breach trends and how they changed between Q2 and Q3 of 2023.

Note: In this study, we treat every breached or leaked email address used to register for online services as a separate user account. Each one is counted as a breach.

Global trends in data breach statistics: Q3 vs. Q2

Over 31M accounts were leaked in the 3rd quarter of 2023 — 76% less compared with 133M¹ in Q2. For a sense of scale, the third quarter saw 240 accounts breached every minute versus 1030 the previous quarter.

Top breached countries: what changed between Q2 and Q3?

The Q3 data breach statistics in the US, Russia, and France mark noticeable decreases from the last quarter. This indicates a positive trend. These three countries kept their Q2 rankings, except France, which moved from 4th to 3rd place. However, China and Mexico saw high increases, propelling them into 4th and 5th places.

The United States saw 8.1M breached accounts — the highest number for the second quarter in a row. In Q3, over a quarter of all breached accounts were of American origin. However, the US also experienced the greatest (sixfold!) quarterly decrease in compromised accounts amongst the top 3 — from 50.2M to 8.1M. Despite this significant drop, the US remains the most data breach-affected country worldwide.

Having taken 2nd place in Q2, Russia maintains this position in Q3. This quarter, 7.1M Russian accounts were affected, a 10-times decrease from the previous quarters’ 34.8M. Despite the decline, Russian accounts comprise 23% of all those breached.

France finds itself in 3rd place, a jump from 4th place last quarter. Despite the higher ranking, the number of French accounts breached decreased by over half — from 3.5M to 1.6M.

While the top 3 countries experienced decreases, the two newcomers to the top 5, China and Mexico, both saw a rise in the number of breached accounts. 1.5M Chinese accounts were breached in Q3, leaving it the 4th most breached country. This is a drastic increase of 14 times compared to 110K in Q2. In Mexico, 1.2M accounts were breached this quarter — an increase of 180% compared to 430K in Q2.

Australia, which ranked 5th in Q2, has dropped to 17th place following a decrease of 93% in the number of breached accounts. Breaches of Australian accounts dropped from 2.8M to just 190K. This is the highest proportionate decrease (quarter over quarter decrease when measured in %) in compromised accounts amongst the top 20 heavily breached countries this quarter.

Which regions were most affected?

Except for South America and Antarctica, all regions saw significant quarterly decreases in breached accounts. South American accounts were breached 12% more frequently in Q3, going up from 1.8M to 2M. Affected Antarctican accounts went up from 290 to 450.

In Q3, Europe had the highest number of breached accounts — 11M. While this is a notable decrease from Q2’s 48M, European accounts still make up the majority of those affected globally. Despite the declining numbers, Europe rose to 1st place as the most breached region in Q3.

North America saw the second-highest relative decrease in breached accounts over the two quarters, down from 52M to 9.5M. While this region ranks 2nd in Q3, down from 1st place last quarter, North American accounts still comprise 30% of all leaked accounts this quarter.

Asia maintains 3rd place in Q3. Compared to the changes seen in Europe and North America, Asia saw a smaller decrease in breached accounts, down from 6M to 3.8M. This quarter, leaked Asian accounts account for 12% of all breached accounts.

South America ranks 4th, with 2M accounts affected. This quarter, there were slightly more leaked South American accounts than in Q2 (which saw 1.8M leaked accounts). Despite the increase, accounts from the region comprise only 6% of all those breached.

Regarding Africa, 310K African accounts were breached in Q3, a drop of 70% from the 1M accounts in Q2. The region ranks 5th, comprising just 1% of all affected accounts. Next is Oceania, where the number of breached accounts dropped significantly from 3.3 million in Q2 to 300K in Q3. Lastly, in Q3, there was a small number of breached accounts from Antarctica. The number increased to 450, up by over half from 290 in Q2.

Top countries of Q3 2023 by breach density

Breach density is measured by dividing a country's total breach number by its population. This metric allows us to gain a deeper understanding of the likelihood of experiencing a data breach in various countries. For example, even if two countries have the same number of compromised accounts, the residents of a country with a smaller population size were more likely to experience a data breach in Q3.

In most countries, breach densities have decreased, but for some, the figures indicate tangible effects. For example, Russia, which had the 2nd highest number of breaches, has almost double the breach density of the US (the country with the most breaches globally). For every 10,000 Russian citizens, almost 500 accounts were breached — and that’s just this quarter alone.

France, while being 3rd for overall breaches, is second in breach density in Q3. For every 10,000 French people, 250 accounts were breached. This translates to a whopping 18K accounts breached per day in Q3.

Colombia and Malaysia stand out in terms of their breach density, ranking 4th and 5th, respectively. Colombians saw 150 accounts breached per 10K residents, and Malaysians similarly saw 140 for every 10K people. Data breach density provides a better understanding of the situation in these countries. Just examining the number of breaches wouldn’t show that Malaysians and Columbians face a much higher risk of being breached.

A data breach respite?

The third quarter of 2023 brought a welcome decline in data breach trends — the total number of breaches shrank by 76% compared to the previous quarter. Still, 240 accounts worldwide got leaked every minute.

Europe was the top breached region this quarter, while the US contributed to the metrics as the top breached country — over 8M breached accounts in Q3. While the numbers may have decreased slightly in the last quarter, the issue is nowhere near gone. It still requires a collective effort to keep the number of data breaches decreasing.

Why should we care about data breaches? Having personal data exposed can cost a lot — think of financial damages or even identity theft. Data breaches can severely harm companies, as they would have to pay government fines and attorney fees, suffer decreased stock prices, and deal with the damage to the company’s reputation.

That’s why it is important to monitor data breaches and do our best to reduce their numbers all over the world, which can be achieved through good cybersecurity practices.

Methodology and sources

We looked into global data breaches between July and September of 2023 (inclusive) and compared the numbers to those from April to June of 2023 (inclusive).

Countries with a population lower than 1M were excluded from the rankings as they are often outliers in global distribution per population metrics due to small population numbers. Excluding countries and territories with a population of fewer than 1M does not significantly impact global statistics as they account for less than 1% of the worldwide population.

The data was collected by our independent partners from 29,000 publicly available databases and aggregated by email addresses. This data was then anonymized and passed on to Surfshark’s researchers to perform a statistical analysis of their findings.

For timeline accuracy, our independent partners record the actual time of the breach instead of when it first becomes public. Therefore, past numbers can change as new cases are reported.

Definitions:

• Data breach — an event when the intruder copies and leaks user data such as names, surnames, email addresses, passwords, etc.
• Breach count/breaches — every breached or leaked email address is counted as a separate account/user/breach.
• Breach rate — breaches per a defined period of time.
• Breach density — breach count of a country per its population.

Data was collected from:

References:

Please note that the number of breached accounts may change, as more breaches have been identified since our last report.

FAQ