Data breaches declined by almost half in Q1 2023, study finds

The number of data breaches recorded by enterprises almost halved in the first quarter of 2023, though on average an account was still leaked every second in the first three months of the year.

According to a study by cyber security firm Surfshark, the number of breached accounts fell to 41.6 million in Q1, down by 48.5% on Q4 2022 when almost 81 million were breached.

To put this into perspective, 10 accounts were leaked per 1,000 people in the final quarter of 2022 as opposed to five at the beginning of this year. The significant decline shows that the global data breach trends took a “positive turn” in the last three months, Surfshark said

However, not all countries saw a positive turn in their data breach statistics. Russia, Taiwan, France, and Spain were among the most breached countries, seeing an increased number of leaked accounts last quarter.

Russia ranked first, amounting to a sixth of all leaked accounts, followed by the US (5 million), Taiwan (3.9 million), France (3.2 million), and Spain (3.2 million). The five most-breached countries account for more than a half of all accounts leaked in Q1 2023.

On the other hand, America saw a 25.4% decrease in leaked accounts from the end of 2022 (6.7 million) to the beginning of 2023. However, one in eight of accounts breached over the first quarter of 2023 were of American origin.

India, China, and South Sudan were in the top five the previous quarter, but at the start of 2023, all three countries saw quarter-over-quarter decreases in leaked accounts, according to the cyber security company. India’s numbers fell from 8.5 million to 2.1 million, and China’s declined nearly 30 times, going from 15.4 million to just over half a million.

In terms of region, Europe was the most affected by breaches in Q1 2023 (17.5 million), followed by Asia and North America. All other regions comprised less than 5% of the quarter’s total.

Surfshark added that some of the biggest breaches by email count were Sberbank (Russia), with 2.9 million accounts leaked, Weee! (US) with 1.1 million, and Zurich Insurance (Switzerland) with 756.7k.

Although the number of leaked accounts declined last quarter, the quantity of breached users remains a significant concern, the company claimed. The positive trend in global data breach statistics may make it seem breached accounts are less of a problem than before, but leaked personal information can do “much damage”.

“The fact that over 40 million accounts were breached in just a few months is still a cause for concern,” said Agneska Sablovskaja, lead researcher at Surfshark. “Those whose data was compromised are at an increased risk of being targeted by cybercriminals as their personal information can be utilised for phishing attacks, fraud, identity theft, and other serious cybercrimes.”

With AI continuing to dominate headlines, the technology is now being used to leverage cyber security scams, Apple co-founder Steve Wozniak warns.

Cyber security warnings may also be falling on “deaf ears”, according to a recent article on TI.

To see what your company can do to mitigate attacks, read TI’s report on ransomware here.