Identity Theft Resource Center Q1 2023 Data Breach Analysis: Lack of Actionable Information in Notices Continues to Grow

Date: 04/13/2023

The number of data breaches with no actionable information about the root cause of the compromise grew to 187 in Q1 2023 compared to 155 in Q1 2022

SAN DIEGO, April 13, 2023 – Today, the Identity Theft Resource Center (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, released its U.S. data breach findings for the first quarter of 2023. According to the Q1 2023 Data Breach Analysis, there were 445 publicly-reported data compromises in the Quarter, a 13 percent decrease compared to the previous Quarter (512 compromises).

The number of victims (89,140,686) decreased 64 percent over that same span (252,778,204 victims). Compromises in the Manufacturing & Utilities, Technology, Healthcare, and Transportation industries impacted the most people, with an estimated 84 million victims. Also, the number of data breaches with no actionable information about the root cause of the compromise grew to 187 in Q1 2023 compared to 155 in Q1 2022 and five in Q1 2021.

Download the ITRC’s Q1 2023 Data Breach Analysis

“The number of victims and compromises normally drop in Q1 each year,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center. “However, it is troubling to see the trend of a lack of actionable information in data breaches continue from 2022. Among the top ten breaches we saw in Q1, 60 percent did not include information about the root cause of the event, compared to 40 percent in Q4 2022. This means individuals and businesses remain at a higher risk of cyberattacks and data compromises.”

Other findings in the Q1 2023 Data Breach Analysis include:

  • For the third consecutive quarter, the Healthcare industry reported the most data compromises among the top ten compromises in Q1 2023. Eight of the top ten compromises impacted more than one million people.
  • Supply chain attacks continued to be a significant attack vector for threat actors seeking personal information in Q1. Of the 378 breaches attributed to cyberattacks, 53 were supply chain attacks compared to 54 ransomware attacks. Phishing remained the most common attack vector that led to a data breach (106) in Q1.

ITRC to Release Breach Alert for Business

The ITRC has begun a beta for a paid data breach monitoring and alert service for businesses. Breach Alert for Business will allow organizations to conduct due diligence and monitor partner organizations and prospective vendors for data compromises. The service includes unlimited breach searches and future breach monitoring alerts. Business leaders interested in learning more about the new service can fill out our business services interest form and select “notified business alerts”.

To view our 2022 Annual Data Breach Report, click here. Anyone can receive free support and guidance from a knowledgeable live advisor by calling 888.400.5530 or visiting to live-chat.

 About the Identity Theft Resource Center 

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a national nonprofit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its website live-chat and toll-free phone number 888.400.5530. The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified. The ITRC offers help to specific populations, including the deaf/hard of hearing and blind/low vision communities. 

Media Contact 

Identity Theft Resource Center 
Alex Achten 
Director of Communications & Media Relations 
888.400.5530 Ext. 3611 
[email protected] 

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center