Data Breach Trends & Stats

Data Breach Trends

  • Malicious or criminal attacks are the most expensive cause of data breaches and are on the rise. In 2011, 37 percent of data breach cases involved malicious attacks and averaged $222 per record. Negligence accounted for 39 percent of reported breaches.

2011 Cost of a Data Breach: United States, Ponemon Institute and Symantec, March 2012

  • Malicious attacks (defined as a combination of hacking and insider theft) accounted for nearly 40 percent of the recorded breaches in2011.  Hacking attacks were responsible for more than one-quarter (25.8 percent) of the data breaches recorded. Identity Theft Resource Center’s 2011 Breach Report.

2011 Breach Report, Identity Theft Resource Center, December 2011

  • Malware continues to play a strong part in data loss, leading to approximately 80 percent of total data loss in 2010.

2011 Data Breach Investigations Report (DBIR), Verizon Business, April 2011

  • The total number of attacks is on the rise, while the number of records exposed per breach declines, indicating a willingness in the cybercriminal underground to go after the smaller, easier targets.

2011 Data Breach Investigations Report (DBIR), Verizon Business, April 2011

  • In a 2010 study, 46 percent of the lost laptops contained confidential data, only 30 percent of those systems were encrypted, and only 10 percent had other anti-theft technologies.

The Billion Dollar Lost Laptop Study, Ponemon Institute and Intel Corp., December 2010

Data Breach by the Numbers:

  • Total number of records containing sensitive personal information involved in security breaches in the U.S. is 544,817,607 in 3,002 data breaches since January 2005.

A Chronology of Data Breaches, Privacy Rights Clearinghouse, March 2012

  • According to DataLossDB, there have so far been 336 data breach incidents in 2012 and there were 906 incidents in 2011.

DataLossDB, Open Security Foundation’s formerly Attrition.org, March 2012

  • In 2011, the Identity Theft Resource Center (ITRC) documented 419 breaches, exposing 22,918,441 records. In the first quarter of 2012, there have so far been 93 incidents, exposing 2,140,987 records.

Identity Theft Resource Center, March 2012

Data Loss and Its Costs:

  • In the United States, data breach incidents cost companies $194 per compromised record in 2011, compared to $214 in 2010.

2011 Cost of a Data Breach: United States, Ponemon Institute and Symantec, March 2012

  • The average total cost per company that reported a breach in 2011 was $5.5 million compared to $7.2 million in 2011.

    2011 Cost of a Data Breach: United States, Ponemon Institute and Symantec, March 2012

    • The average value of a lost laptop is $49,246 and the data breach costs represent 80 percent of the total cost of a lost laptop compared to two percent for replacing the computer. Encryption on average can reduce the cost of a lost laptop by more than $20,000.

    The Billion Dollar Lost Laptop Study, Ponemon Institute and Intel Corp., December 2010

    More Resources:

    Data Security/Privacy Experts:

    Symantec has several experts in the area of data breaches and data loss prevention that are happy to provide you with comment and background. Please contact us.

    Useful URLs: