The latest data breach yearly recap by Surfshark shows that a total of 300-million accounts were breached in 2023.
The US ranks first, amounting to around a third of all breaches (97-million). Russia takes second place (79-million), while France is third (10-million), followed by Spain (8-million) and India (5-million). The breach rate in the US more than tripled compared to 2022, while the global trends show a general decrease.
“As we look back on 2023, there’s a positive trend in data breaches – a 20% decrease in affected accounts compared to 2022. Despite this improvement, 300 million users worldwide still experienced breaches,” says Agneska Sablovskaja, lead researcher at Surfshark.
“Even a single account data leak can lead to unauthorized access, risking the misuse of personal information, potential identity or financial theft. Using the same passwords across multiple accounts can compromise others, so it’s crucial to use unique and strong passwords for different online services.”
The US jumped to first place with almost 100-million breached online accounts in 2023, being previously ranked third with 31-million in 2022, after Russia and China.
Q2 2023 had the most data breaches over the last year – 134-million, which is 80% more than the yearly average (75-million). Q3 2023 had the fewest data breaches over the last year – 31-million. In the most recent quarter (Q423), Panama and Israel had the biggest increase in data breaches.
In 2023, LinkedIn had almost 11,5-million emails leaked due to the scraping of publicly available information. Out of the leaked accounts, 1,6-million were American, 1,1-million were French, and 700 000 were British. Four Russian platforms, Chitai-gorod, Book24, Gloria Jeans, and SberSpasibo, experienced the second through fifth biggest data breaches. These breaches exposed around 20-million Russian email accounts.
In January, Duolingo had a data breach, resulting in the leak of 2,7-million email addresses. Nearly 1-million of these emails belonged to Americans, 170 000 to South Sudanese, and 120 000 to Spaniards. Another major data leak was on chess.com, where the scraped data of almost 1,3-million people ended up on hacker forums. Of these, 470 000 were American, 76 000 were French, 75 000 were British, and 66 000 were Indian.
In 2023, Europe’s data breaches decreased from 160-million in 2022 to 116,6-million in 2023. To put this into perspective, one in three accounts breached in 2023 originated from Europe, with 67% of these being Russian. North America accounts for 34% of the breaches (101,7-million). North America’s breaches grew 193% in 2023 compared to the previous year.
An additional 9% of the accounts originated from Asia (26,3-million). All other regions comprised less than 5% of the year’s total, and almost 14% remain unknown. Out of all regions, Africa saw the greatest year-over-year decrease — 88%, bringing its total of 25-million leaked accounts in 2022 down to 3-million in 2023.
In descending order, the 10 most breached countries of 2023 were the US, Russia, France, Spain, India, Taiwan, Australia, Italy, the UK, and Brazil.
The countries with the highest breach density in 2023 (number of leaked accounts per 1 000 residents): Russia (542), the US (285), Czechia (207), Taiwan (169), Spain (164), France (162), Australia (134), Panama (98), Sweden (96) and Finland (89).