Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Identity Theft Resource Center 2023 Annual Data Breach Report Reveals Record Number of Compromises; 72 Percent Increase Over Previous High

Date: 01/25/2024

The ITRC tracked 3,205 data compromises in 2023, 1,404 more than in 2022 and 1,345 more than the previous high in 2021

SAN DIEGO, January 25, 2024 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, will release its 2023 Annual Data Breach Report, its 18th edition, at the Identity, Authentication and the Road Ahead Cybersecurity Policy Forum hosted by the Better Identity Coalition, the FIDO Alliance and the ITRC.

According to the 2023 Annual Data Breach Report, the number of data compromises in 2023 (3,205) increased by 78 percentage points compared to 2022 (1,801). The ITRC set a new record for the number of data compromises tracked in a year, up 72 percentage points from the previous all-time high in 2021 (1,860).

DOWNLOAD THE ITRC’S 2023 ANNUAL DATA BREACH REPORT

The number of victims impacted (353,027,892) decreased by 16 percentage points from 2022 (425,212,090). This is consistent with a general trend of the number of estimated victims dropping slightly each year due to organized identity criminals focusing on specific information and identity-related fraud and scams rather than mass attacks.

According to the 2023 Annual Data Breach Report, the number of data breach notices without specific information nearly doubled year-over-year. In 2023, more than 1,400 public breach notices did not contain information about an attack vector compared to 716 in 2022. Since 2018, the percentage of notices with actionable information has dropped from ~100 percent to 54 percent.

Other findings in the 2023 Annual Data Breach Report include:

  • Nearly 11 percent of all publicly traded companies were compromised in 2023.
  • Publicly traded companies withheld information about an attack in 47 percent of notices compared to 46 percent of other organizations.
  • While most industries saw modest increases, Healthcare, Financial Services and Transportation reported more than double the number of compromises compared to 2022. While Healthcare led all industries in terms of the number of reported compromises in each of the past five years, Utilities companies led in the estimated number of victims in 2023.
  • Most data compromises were due to cyberattacks. Phishing-related and ransomware attacks were down slightly, while Zero Day attacks jumped significantly compared to previous years.
  • Supply chain attacks continue to impact more organizations and victims. The number of organizations impacted has surged by more than 2,600 percentage points since 2018. The estimated number of victims has also risen 1,400 percentage points.

“There is never any one reason why compromises go up or action you can take that will completely prevent data breaches and identity crimes,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “However, in 2022, too many businesses found themselves victimized by a compromise, and too many people found themselves in the crosshairs of these data events.”

“Rather than dwell on the past, we are focused on what we can do moving forward to reduce the impact on victims. It starts with finding ways to reduce the value of personal information to identity criminals and seeking ways to improve the breach notice process to help protect both people and businesses,” Velasquez continued. “These are startling findings, but they are a stark reminder that there is much work to be done to improve data protection and help victims recover when their personal information is misused.”

ITRC Breach Alert for Business Service

The 2023 Annual Data Breach Report also has more information on the ITRC’s new Breach Alert for Business (BA4B) service that helps organizations verify vendors are meeting or exceeding a company’s cybersecurity policies and performance. At a time when attacks against third-party vendors are growing, the ITRC’s BA4B service confirms vendors’ previous data breaches and issues alerts if a vendor is the subject of future data compromises. 

Consumers and victims can receive free support and guidance from a knowledgeable live advisor by calling 888.400.5530 or visiting the ITRC’s website, idtheftcenter.org, to live chat.

About the Identity Theft Resource Center

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a national nonprofit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live chat, idtheftcenter.org, and toll-free phone number 888.400.5530. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified. The ITRC offers help to specific populations, including the deaf/hard of hearing and blind/low vision communities.

Media Contact

Identity Theft Resource Center
Alex Achten
Director of Communications & Media Relations
888.400.5530 Ext. 3611
[email protected]

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.