16. Januar 2023
At the start of 2023, I am reaching out with statistics about the online data breaches identified over the past year. The report based on raw data from cyber security firm Surfshark shows that in 2022, roughly 304.7 million accounts were breached around the world, which is merely a third of all cases detected in the previous year.
We analysed country-specific data breach figures from 2020 through December 2022, which are updated monthly and published by Surfshark. Our report also looks at the number of exposed online accounts per capita by using population data from free stats and reference website Worldometer. The data breaches include hacked and exposed emails, passwords, usernames, IP addresses, users’ country of origin, and more.
Key Takeaways:
- Approximately 304.7 million data breaches were identified in 2022, which is just a 32% of the cases in 2021 and approximately a quarter of all breaches in 2020
- In 2022, Russian accounts were breached much more often than the rest of the world – 103.5 million breaches were detected and they accounted for almost a third of all cases
- China was the second most strongly affected country with 33.9 million breaches, followed by the United States (22.4 million), France (19.8 million), and Indonesia (14.7 million breaches)
- Russia also has the highest number of online breaches per capita – 1,544 breaches per 100 people since 2004. The U.S. comes second with 743 breaches per 100 residents, while France has 651 cases per 100 people
The full report, which features additional information about all these statistics, can be accessed here.
Source: Data breach monitoring – Surfshark
Methodology
The statistics about data breaches are published every month by Surfshark and they track the reported breaches around the world since 2004. They are based on thousands of leaked databases available online and include all cases where a hacker or intruder copied and leaked user data such as names, surnames, email addresses, passwords, etc. To compare the number of breached online accounts to a country’s population, BonusInsider used population figures by Wordometers. They are based on the latest United Nations Population Division estimates for 2020.
Fachartikel
Europas digitale Verteidigung: Strategien gegen technologische Erpressung
PKI-Management: Wenn Zertifikatsverwaltung zum Kostentreiber wird
Prompt-Injection: Wenn KI-Systeme ihre Anweisungen vergessen
AWS IAM Identity Center: IPv6-Unterstützung für direkte Netzwerkverbindungen
Sicherheitslücke in MCP-Servern: Wie unbeschränkte URI-Aufrufe Cloud-Infrastrukturen gefährden
Studien
Deutsche Unicorn-Gründer bevorzugen zunehmend den Standort Deutschland
IT-Modernisierung entscheidet über KI-Erfolg und Cybersicherheit
Neue ISACA-Studie: Datenschutzbudgets werden trotz steigender Risiken voraussichtlich schrumpfen
Cybersecurity-Jahresrückblick: Wie KI-Agenten und OAuth-Lücken die Bedrohungslandschaft 2025 veränderten
![Featured image for “Phishing-Studie deckt auf: [EXTERN]-Markierung schützt Klinikpersonal kaum”](https://www.all-about-security.de/wp-content/uploads/2025/12/phishing-4.jpg)
Phishing-Studie deckt auf: [EXTERN]-Markierung schützt Klinikpersonal kaum
Whitepaper
Künstliche Intelligenz bedroht demokratische Grundpfeiler
Insider-Risiken in Europa: 84 Prozent der Hochrisiko-Organisationen unzureichend vorbereitet
ETSI veröffentlicht weltweit führenden Standard für die Sicherung von KI
Allianz Risk Barometer 2026: Cyberrisiken führen das Ranking an, KI rückt auf Platz zwei vor
Cybersecurity-Jahresrückblick: Wie KI-Agenten und OAuth-Lücken die Bedrohungslandschaft 2025 veränderten
Hamsterrad-Rebell
NIS2: „Zum Glück gezwungen“ – mit OKR-basiertem Vorgehen zum nachhaltigen Erfolg
Cyberversicherung ohne Datenbasis? Warum CIOs und CISOs jetzt auf quantifizierbare Risikomodelle setzen müssen
Identity Security Posture Management (ISPM): Rettung oder Hype?
Platform Security: Warum ERP-Systeme besondere Sicherheitsmaßnahmen erfordern
