Average data breach cost surpasses $4 million in 2021, record growth of 10% YoY
According to data presented by Atlas VPN, the average financial damages caused by a data breach grew around 10% year over year to $4.24 million in 2021. This is the highest increase in a single year since the start of the reporting period in 2015.
A breach comes with many negative consequences to the company, including lost sales, a shattered reputation, data recovery costs, and potentially even employee layoffs. The record-high average losses can be directly linked to the rapid onset of remote work, as it created many new loopholes for cybercriminals to exploit.
The numbers are provided by IBM, where between May 2020 and March 2021, researchers conducted roughly 3,500 separate interviews with individuals from 17 countries and 537 firms that had experienced a data leak.
In 2020, a data breach caused an average of $3.86 million in monetary damages, while in 2021, the number spiked to $4.24 million, representing a 9.84% increase. Meaning, these losses are at record heights since 2015.
Seven years ago, the average total cost of a data breach stood at $3.79 million. The lowest losses were seen in 2017, where companies suffered about $3.62 million in damages per incident.
Moreover, the average data leak cost in the US stands at $9.03 million, which is the highest number globally. The Middle East is in second place, with average losses reaching $6.93 million per incident.
Looking at data breaches from the perspective of the customers whose data was stolen, what dangers are they exposed to?
The study reveals that as many as 44% of records stolen included some kind of personally identifiable information (PII). Examples of this information include email address, Social Security number, full name, driver's license number, bank account number, and passport number.
Fraudsters that obtain this information can carry out various kinds of fraud, ranging from locking you out of your online accounts to full-blown identity theft.
Data breach costs by industry
Interestingly, financial damages vary widely depending on the industry of the enterprise that fell victim to the data leak.
Incidents in the healthcare industry are the costliest, as losses averaged a staggering $9.23 million this year. Healthcare companies tend to store a lot of sensitive data about their customers which can explain the high costs per breach.
The healthcare sector also experienced one of the highest year-over-year monetary loss increases. The damages jumped from $7.13 million in 2020 to $9.23 million in 2021, a 29.5% growth.
Among the top five worst affected industries are the financial ($5.72 million), pharmaceuticals ($5.04 million), technology ($4.88 million), and energy ($4.65 million) sectors. The energy sector dropped from the second most costly in 2020 at $6.39 million to fifth place in 2021.
At the other side of the spectrum stands the public sector, where damages hover around $1.93 million, but the increase from 2020 is substantial at 78.7%.
Many other industries faced large YoY increases as well, such as media (92.1% growth), hospitality (76.2% growth), retail (62.7% growth), and consumer (42.9% growth).
The overall findings only confirm the trend that we have seen in the past year - cybercrime damages are ramping up faster than ever before.
For those interested in learning more about the cyberthreat landscape, check out our 2021 H1 Cybercrime Statistics report.
Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.