Data Reveals 304.7M Online Accounts Breached in 2022

At the start of 2023, I am reaching out with statistics about the online data breaches identified over the past year. The report based on raw data from cyber security firm Surfshark shows that in 2022, roughly 304.7 million accounts were breached around the world, which is merely a third of all cases detected in the previous year.

We analysed country-specific data breach figures from 2020 through December 2022, which are updated monthly and published by Surfshark. Our report also looks at the number of exposed online accounts per capita by using population data from free stats and reference website Worldometer. The data breaches include hacked and exposed emails, passwords, usernames, IP addresses, users’ country of origin, and more.

Key Takeaways:

Approximately 304.7 million data breaches were identified in 2022, which is just a 32% of the cases in 2021 and approximately a quarter of all breaches in 2020
In 2022, Russian accounts were breached much more often than the rest of the world – 103.5 million breaches were detected and they accounted for almost a third of all cases
China was the second most strongly affected country with 33.9 million breaches, followed by the United States (22.4 million), France (19.8 million), and Indonesia (14.7 million breaches)
Russia also has the highest number of online breaches per capita – 1,544 breaches per 100 people since 2004. The U.S. comes second with 743 breaches per 100 residents, while France has 651 cases per 100 people

The full report, which features additional information about all these statistics, can be accessed here.

Source: Data breach monitoring – Surfshark

Methodology

The statistics about data breaches are published every month by Surfshark and they track the reported breaches around the world since 2004. They are based on thousands of leaked databases available online and include all cases where a hacker or intruder copied and leaked user data such as names, surnames, email addresses, passwords, etc. To compare the number of breached online accounts to a country’s population, BonusInsider used population figures by Wordometers. They are based on the latest United Nations Population Division estimates for 2020.

Data Reveals 304.7M Online Accounts Breached in 2022

Fachartikel

Keepit KI-Integration: Warum Backup-Systeme andere KI-Regeln brauchen

Phishing über LiveChat: Wie Angreifer SaaS-Plattformen für Datendiebstahl nutzen

XWorm 7.1 und Remcos RAT: Angreifer setzen auf dateilose Techniken und Windows-Bordmittel

KI im Cyberkonflikt: Warum Verteidiger die Nase vorn haben

KadNap: Wie ein neues Botnetz tausende Asus-Router als Proxy-Knoten missbraucht

Studien

Drucksicherheit bleibt in vielen KMU ein vernachlässigter Bereich

Sieben Regierungen einigen sich auf 6G-Sicherheitsrahmen

Lieferkettenkollaps und Internetausfall: Unternehmen rechnen mit dem Unwahrscheinlichen

KI als Werkzeug für schnelle, kostengünstige Cyberangriffe

KI beschleunigt Cyberangriffe: IBM X-Force warnt vor wachsenden Schwachstellen in Unternehmen

Whitepaper

Cloudflare Threat Report 2026: Ransomware beginnt mit dem Login – KI und Botnetze treiben die Industrialisierung von Cyberangriffen

EBA-Folgebericht: Fortschritte bei IKT-Risikoaufsicht unter DORA – weitere Harmonisierung nötig

Böswillige KI-Nutzung erkennen und verhindern: Anthropics neuer Bedrohungsbericht mit Fallstudien

Third Party Risk Management – auch das Procurement benötigt technische Unterstützung

EU-Toolbox für IKT-Lieferkettensicherheit: Gemeinsamer Rahmen zur Risikominderung

Hamsterrad-Rebell

Sichere Enterprise Browser und Application Delivery für moderne IT-Organisationen

Sicherer Remote-Zugriff (SRA) für Operational Technology (OT) und industrielle Steuerungs- und Produktionssysteme (ICS) – Teil 2

Incident Response Retainer – worauf sollte man achten?

KI‑basierte E‑Mail‑Angriffe: Einfach gestartet, kaum zu stoppen

NIS2: „Zum Glück gezwungen“ – mit OKR-basiertem Vorgehen zum nachhaltigen Erfolg