The healthcare industry tops the list of the most expensive data breaches, with a $7.13 million average data breach cost, 84% more than the global average.
That’s according to data presented by AksjeBloggen.com, which says that with millions of people working from home and using videoconferencing and cloud applications, the COVID-19 pandemic has only increased the number of malicious attacks.
The data says the global average cost of a data breach has fluctuated between $3.5 million and $4 million in recent years. In 2020, it hit $3.86 million, a 1.5% drop year-on-year, revealed the Ponemon Institute’s Cost of a Data Breach Report 2020 commissioned by IBM. The report also showed it usually took 280 days for an organization to spot and contain a breach, a day more than a year ago. However, statistics indicate these figures vary significantly based on industry.
Besides leading in the average cost of a data breach, the healthcare industry also had the highest average time to identify a violation of 329 days. The energy industry ranked second of the 17 sectors surveyed, with $6.39 million in average cost and 254 days to spot a breach.
Financial services, pharma industry, and technology sector follow, with $5.85 million, $5.06 million, and $5.04 million in average data breach cost, respectively.
Analyzed by geography, the United States convincingly leads among all surveyed countries with an average data breach cost of $8.64 million, a 5.5% increase in a year. Statistics also show this figure surged by 60% in the last seven years, growing from $5.4 million in 2013. Financial services represent the costliest industry in the United States in 2020, while companies and organizations need 237 days to identify a breach, compared to 245 days in 2019.
Germany leads among European countries with an average data breach cost of $4.45 million in 2020, a 7% drop year-on-year, while companies usually need 160 days to identify a data breach.
Malicious attacks caused 52% of all breaches. Human error and system glitches follow with 23% and 25% share, respectively. Statistics also show that around 20% of companies that had been victims of a malicious breach were hacked by using stolen or compromised credentials.
The survey also revealed the number of exposed data significantly raised the total cost of a data breach. Breaches of 1 million to 10 million records cost an average of $50 million, or 25 times the average cost of a data breach in 2020. In breaches that exposed more than 50 million records, the average cost grew to a staggering $392 million.
The five largest data breaches in 2020 exposed a total of 406.6 million records, according to DataBreaches.net statistics. In January, 250 million Microsoft customer records have been exposed online without password protection, the biggest data breach since the beginning of the year. The exposed data included customer service and support logs detailing conversations between Microsoft agents and customers from 2005 to December 2019.
In May, 115 million Pakistani mobile user records have leaked online, the second-largest data breach this year. The same month, a massive data breach of the unknown source has exposed the records of 22 million people, including their phone numbers, addresses, and social media links.
The fourth-biggest data breach in 2020 exposed the personal data of more than 10.5 million users who stayed at MGM Resorts. Leaked files included contact details of CEOs and employees at some of the world’s largest tech companies.
In May, British low-cost airline group EasyJet admitted it had been a target of a highly sophisticated cyber-attack, which has exposed the personal data, including credit and debit card details, of more than nine million their customers.