Leaked accounts increased by five times in Q1 2024 compared to Q4 2023 – up from 81-million to 435-million – according to data from cybersecurity specialist Surfshark.
So far this year, the US, China and Russia were the most breached countries. Since 2004, a total of 17,2-billion accounts have been breached and approximately 6,5-billion of them have unique email addresses.
“Surfshark’s extensive monitoring of data breach trends over the past two decades reveals an alarming digital reality: data leaks persist as an ongoing global threat,” says Surfshark’s Lina Survila. “Since 2004, a staggering 17-billion user accounts have been leaked worldwide with 400-million occurrences recorded at the start of this year alone.
“We urge everyone to remain vigilant, create strong passwords, refrain from reusing them, and exercise caution when sharing personal information online,” Survila says.
In Q4 2023, 627 accounts were being breached every minute. In Q1 2024, however, breach rates are 435% higher with 3 353 accounts being leaked every 60 seconds. It means that five out of 100 people in the world suffered account breaches in Q1 2024.
Out of 17-billion leaked user accounts, 38% of them are unique email addresses. A total of 60,9-billion data points have been exposed (17,2-billion of them have been email addresses) since 2004. On average, each email address is leaked with three additional data points. American and Russian accounts are leaked the most often.
In descending order, the 10 most breached coutries since 2004 were: the US (3-billion), Russia (2,4-billion), China (1,1-billion), France (521,6-million), Germany (486,7-million), Brazil (354,2-million), the UK (321,9-million), India (320,5-million), Italy (266,8-million) and Canada (213,8-million).
The countries with the highest breach density since 2004 (number of leaked accounts per resident): Russia (16,8), the US (9), South Sudan (8,1), France (8,1), Czechia (6,1), Singapore (5,8), Germany (5,8), Canada (5,5), Australia (5,3), the UK (4,8) and Portugal (4,7).
Most people use the same email for different accounts when registering online. That’s why a single email or account can be breached several times in separate cases and some numbers may seem so high (like 17,2-billion total breached accounts).
When an email account is breached, the user is at risk of social engineering and identity theft. Scammers might send fake emails pretending to be from legitimate organisations and those emails might contain links with computer viruses or requests to disclose even more personal information.
If the email address was leaked with more personal information like name and address, scammers might even be able to impersonate the victim for various malicious purposes.
If you suspect your information has been breached, you should:
* Change the passwords to your accounts immediately.
* Enable two-factor authentication where possible.
* Contact your bank if your credit card information was leaked.
* Scan your devices for malware.
* Keep an eye out for scams if your email, phone number, or other contact information has been leaked.