What is a data breach?

A data breach is a security incident in which sensitive, protected, or confidential data is accessed, copied, transmitted, or stolen by an unauthorized individual. Data breaches can expose personal information, financial records, intellectual property, and healthcare data.

How many records are exposed in data breaches?

The number of records exposed varies widely by incident. Major breaches can expose hundreds of millions of records. Rankiteo tracks cumulative records exposed across all monitored data breach incidents to provide a comprehensive view of the global breach landscape.

Which industries experience the most data breaches?

Healthcare, financial services, technology, retail, and government sectors consistently experience the highest number of data breaches due to the volume and sensitivity of data they handle, combined with complex IT environments and regulatory requirements.

What is data exfiltration and why does it matter?

Data exfiltration is the unauthorized transfer of data from an organization's network to an external destination controlled by a threat actor. Confirmed exfiltration indicates that stolen data may be sold on dark web marketplaces or used for extortion, making these breaches significantly more impactful than those where exfiltration status is unknown.

How are data breach severity levels determined?

Data breach severity is scored on a 1-10 scale based on factors including the number of records exposed, the sensitivity of the data involved, the exfiltration status, the affected industry's regulatory environment, and the potential downstream impact on individuals and organizations.

Data Breach Statistics & Trends

Q: How does Rankiteo track data breach statistics?

Rankiteo aggregates data breach intelligence from government CERT advisories, breach notification databases (including state attorney general filings), dark web leak sites, vendor security bulletins, and curated open-source threat intelligence feeds. Each incident is automatically classified by severity, industry, exfiltration status, and records exposed.

Comprehensive analytics on 14,446 data breach incidents tracked by Rankiteo. Explore records exposed, affected industries, exfiltration trends, and severity patterns across the global breach landscape.

14,446

Breach Incidents

11967.5B

Records Exposed

16.5K

Companies Affected

78.3

Avg Severity

Data Exfiltration Status

2590

Confirmed Exfiltration (18%)

No Exfiltration (0%)

11796

Unknown / Undisclosed (82%)

11967.5B

Total Records Exposed (6494 known)

Data Breaches Over Time

Most Affected Industries

Hospitals and Health Care

1393

Financial Services

863

Software Development

553

Government Administration

509

Insurance

445

IT Services and IT Consulting

365

Retail

331

Higher Education

330

Banking

324

Non-profit Organizations

242

Law Practice

236

['Software Development']

227

Recent Data Breach Incidents

Incident	Severity	Records Exposed	Industry	Date
UnitedHealth, Ticketmaster, MGM Resorts, Ripple, Snowflake, Google, Allianz, Equifax, Maersk, Toyota, Merck and Oracle: 2025 Cybersecurity Almanac: 100 Facts, Figures, Predictions And Statistics	100 (Critical)	560.0M	['Hospitality', 'Pharmaceutical Manufacturing', 'Technology, Information and Internet', 'Financial Services', 'Software Development', 'Entertainment Providers', 'IT Services and IT Consulting', 'Motor Vehicle Manufacturing', 'Hospitals and Health Care', 'Transportation, Logistics, Supply Chain and Storage']	2025-12-11 00:00:00
Hong Kong precision components supplier and Italian maritime port authority: Ransomware Groups Surge In Q4 2025 – Cyble Insights	100 (Critical)	Undisclosed	['International Trade and Development', 'Computer and Network Security']	2026-01-01 00:00:00
Tencent, MySpace, Twitter, Weibo, Canva, Adobe, Deezer, AdultFriendFinder, U.S. Government and Brazil Government: The 12-Terabyte Ghost: How a Record-Shattering Data Leak Is Arming a New Generation of Cyberattacks	100 (Critical)	26.0B	['Software Development', 'Technology, Information and Internet', 'Government Administration', 'Entertainment Providers', 'Musicians']	2025-01-01 00:00:00
SolarWinds, Kaseya, MoveIt Transfer, PowerSchool, DaVita, NASCAR, Marks & Spencer, Caesars Entertainment and Change Healthcare: Ransomware trends, statistics and facts in 2026	100 (Critical)	62.0M	['Hospitality', 'Consumer Services', 'Spectator Sports', 'E-Learning Providers', 'Retail', 'Software Development', 'Information Technology & Services', 'Hospitals and Health Care']	2024-12-25 00:00:00
Udemy, McGraw-Hill, Vercel and Harvard University: Udemy Data Breach – ShinyHunters Allegedly Claims Compromise of 1.4M User Records	100 (Critical)	1.4M	['Higher Education', 'E-Learning Providers', 'Software Development', 'Education Administration Programs']	2026-04-24 00:00:00
Broadcom	100 (Critical)	Undisclosed	Semiconductor Manufacturing	2025-06-16 00:00:00
Shoppers Drug Mart, President’s Choice, Loblaw, No Frills and PC Optimum: “Threat Actor” on the dark web claims Loblaw’s “low-level” data breach is a much larger threat	100 (Critical)	1.8B	['Financial Services', 'Retail', 'Retail Groceries']	2026-03-13 00:00:00
Co-operative Group, Ingram Micro, Salesforce, Jaguar Land Rover, Oracle, Synnovis and DaVita: Top 10 Ransomware Attacks Over The Past Year	100 (Critical)	Undisclosed	['Retail', 'Software Development', 'Information Technology & Services', 'IT Services and IT Consulting', 'Hospitals and Health Care', 'Motor Vehicle Manufacturing', 'Medical and Diagnostic Laboratories']	2025-01-01 00:00:00
Lamborghini, Volkswagen Group, Porsche, Bentley, Škoda, SEAT and Audi: Volkswagen Allegedly Hit by Ransomware Attack as 8Base Claims Sensitive Data Theft	100 (Critical)	Undisclosed	['Motor Vehicle Manufacturing']	2025-10-19 00:00:00
Social Security Administration: The Social Security data breach is a national-security disaster that could hurt Americans for the rest of their lives: whistleblower	100 (Critical)	Potentially all Americans with an SSN	['Insurance']	2026-02-04 17:42:00
Oracle Cloud, Azure and AWS: TeamPCP Turns Cloud Infrastructure into Crime Bots	100 (Critical)	Over two million	['IT Services and IT Consulting', 'Technology, Information and Internet']	2025-12-26 00:00:00
DragonForce and Play: Ransomware Attacks Against the US: 2026 Insights	100 (Critical)	Undisclosed	['Computer Games', 'Musicians']	2026-01-01 00:00:00
Kawasaki Motors Europe, Volkswagen, Toyota, Avis Rent a Car, Jaguar Land Rover, Nissan and Scania: Major Cyber Attacks Targeting the Automotive Industry 2025	100 (Critical)	299.0K	['Industrial Machinery Manufacturing', 'Financial Services', 'Motor Vehicle Manufacturing']	2025-11-07 00:00:00
Instructure Inc., Yale University, Princeton University, Stanford University, Harvard University, Rutgers University and Adelaide University: Multiple Colleges Hit by Disruptions After Canvas Service Hack	100 (Critical)	Undisclosed	['E-Learning Providers', 'Higher Education']	2026-05-01 00:00:00
Snowflake	100 (Critical)	hundreds of millions	Software Development	2024-11-06 00:00:13.988000
Salesforce	100 (Critical)	1.5B	Software Development	2025-10-03 00:00:00
T-Mobile	100 (Critical)	50.0M	Unknown	2021-08-01 00:00:00
DermCare Management: DermCare Management Data Breach Exposes Personal Information: Murphy Law Firm Investigates Legal Claims	100 (Critical)	Undisclosed	['Hospitals and Health Care']	2025-02-26 00:00:00
DaVita, Synnovis, BianLian, Compumedics Limited, Ocuco Limited and Ascension: Healthcare ransomware attacks surge 30% in 2025, as cybercriminals shift focus to vendors and service partners	100 (Critical)	7.4M	['Medical Device', 'Computer and Network Security', 'Hospitals and Health Care', 'Software Development']	2025-10-13 00:00:00
Collins Aerospace (RTX Corp)	100 (Critical)	Undisclosed	Aviation and Aerospace Component Manufacturing	2025-09-21 00:00:00

Data Breach Statistics & Trends - 2026 Overview

Data breaches remain one of the most damaging categories of cyber incidents, exposing sensitive personal information, financial records, healthcare data, and intellectual property at massive scale. Rankiteo continuously monitors global breach disclosures to deliver a comprehensive, real-time view of the data breach landscape, including total records exposed, exfiltration confirmation rates, severity patterns, and the industries most affected.

This page aggregates intelligence from 14,446 tracked data breach incidents. Each incident is classified by severity, industry, exfiltration status, and the number of records compromised, enabling security professionals, risk managers, and insurers to make data-driven decisions.

Why Data Breach Statistics Matter

Understanding breach trends is critical for multiple stakeholders across the cybersecurity ecosystem:

CISOs & Security Teams: Identify which industries and data types are most frequently targeted to prioritize data protection controls and detection capabilities.
Third-Party Risk Managers: Evaluate supplier and vendor exposure to data breaches when assessing supply chain risk and conducting due diligence.
Cyber Insurers & Underwriters: Use breach frequency, records exposed, and industry concentration data to model portfolio risk and price premiums accurately.
Compliance & Legal Teams: Track breach notification obligations under GDPR, CCPA, HIPAA, and SEC disclosure requirements using real incident data.
Executives & Boards: Communicate the scale of the breach problem with concrete statistics to justify investments in data security and incident response capabilities.

Understanding Data Exfiltration

Not every data breach involves confirmed data exfiltration, the actual transfer of stolen data outside the victim's network. Rankiteo tracks the exfiltration status of each incident as "Confirmed", "No Exfiltration", or "Unknown/Undisclosed". Breaches with confirmed exfiltration are typically more severe, as they indicate that sensitive data has been accessed and removed by threat actors, often for sale on dark web marketplaces or use in extortion schemes.

Records Exposed: Scale & Impact

The number of records exposed in a data breach is a key metric for assessing impact. A single major breach can expose hundreds of millions of records, including names, email addresses, Social Security numbers, credit card data, and medical records. Rankiteo normalizes diverse record count formats (exact numbers, estimates, ranges) into standardized figures to enable accurate aggregation and comparison across incidents.

Methodology & Related Resources

Rankiteo identifies data breach incidents by monitoring government CERT advisories, breach notification databases (including state attorney general filings), dark web leak sites, vendor security bulletins, and curated open-source threat intelligence feeds. Each incident is automatically classified, scored for severity, and enriched with industry and entity data before being added to this dataset.

Explore related threat intelligence from Rankiteo:

Ransomware Tracker: Strain breakdowns, industry impact, and threat actor analysis for ransomware incidents.
Threat Actor Leaderboard: The most prolific threat actors ranked by incident count and severity.
Cyber Incident Trends: Year-over-year and monthly trend analysis across all attack types.
Top Exploited Vulnerabilities: CVEs most actively leveraged by threat actors in the wild.
Rating Methodology: How Rankiteo scores companies and incidents using its Cyber Resilience framework.