Surfshark Finds US is the Most-Breached Country
A recent study by cybersecurity company Surfshark showed that the U.S. is the most breached country—and has been since 2004, among other alarming findings.
With cybersecurity threats on the rise, Surfshark’s latest project is the first-ever tool that shows how countries are being affected by breaches. The study compiled data from 27,000 leaked databases, and used different metrics to put the numbers in perspective.
“On a global scale, 191 accounts are breached per 100 people on average. However, in the U.S., this number goes up to 694 per 100 people,” said Agneska Sablovskaja, data researcher at Surfshark. “Statistically speaking, a single American person has had around seven instances in which they were victims of data breaches.”
Breaches Open the Door to Other Attacks
A total of 8.7 billion American data points have been lost to breaches, including first names, last names, IP addresses, usernames and other data, according to the report. This opens the door to even more cyberattacks, as one breach can give cybercriminals access to various profiles. With seven breached passwords found per every 10 leaked American accounts, any given breach could create a slippery slope of vulnerability.
“Leaked databases are a very powerful tool for cybercriminals to use when carrying out phishing, malware, ransomware, credential stuffing and spoofing attacks,” said Sablovskaja in an email interview. “Hence, losing data points can definitely be a catalyst for different cybercrimes, including further data breaches.”
It’s clear that the U.S. has a major cybersecurity issue on its hands, making up 15% of all breached users globally, but it’s not clear why Americans get breached on such a large scale.
“We cannot be sure of the exact reasons, as data breaches are often unpredictable,” said Sablovskaja on the U.S.’s large number of breaches. “This can be caused by politically motivated cyberattacks, poor data handling and storing procedures or the absence of personal data privacy legislation.”
Where Cybercrime is the Norm
Although the U.S. has the highest total number of breached accounts, Russia has double the breach rate. With a whopping 1,489 breaches for every 100 people, cybercrime has become the norm in Russia. Furthermore, the email address of every Russian account was breached around 15 times, almost eight times higher than the global average, according to Surfshark.
Overall, the number of breaches has declined since peaking two years ago. The total number of global breaches in Q1 of 2020 reached 447 million, over 10 times more than the 42 million breaches in Q1 of 2022.
“The year 2020 has seen some of the most significant data breaches of our time, including Facebook, Wattpad and Zoom,” said Sablovskaja. “Rising data breaches went hand-in-hand with the COVID-19 quarantine restrictions. Cyberattacks and data breaches have intensified as people moved online and started to rely on digital means of communication. Finally, breach rates started declining globally in Q3 of 2021 when the outbreak of COVID-19 slowed down.”
Globally, users should expect the high volume of breaches to rise, but this may not be the case for Americans. Worldwide breach rates are 6.7% higher this quarter than they were in Q1 of 2022. However, the U.S. is trending in the opposite direction, with breach rates 33% lower this quarter.
To mitigate the risk of breaches, Aleksandr Valentij, CISO at Surfshark, emphasized the importance of treating any suspicious activity seriously, especially phishing attempts. With one in every three online crime victims falling for a phishing attack, it continues to be the most common cybercrime. He also cautioned individuals to make backups of important data to protect against “wiper” attacks. Moreover, using antivirus software, VPN and firewalls can further secure online browsing and provide protection against cyberattacks.
The data breach stats tool is available on Surfshark’s website.
