2023 Cybersecurity Industry Statistics: Account Takeover, Ransomware, Data Breaches, BEC & Fraud


With cybersecurity and fraud studies and reports launching almost weekly, who can keep up with all the stats related to account takeover, ransomware, BEC, fraud, and identity theft? We keep a tally ourselves and thought our readers might want access to help bolster their business case to invest in solutions to combat cybercrime and protect their employees, vendors, and consumers from the ever-evolving tactics of cybercriminals.

Account Takeover (ATO) Statistics:

Ransomware Statistics:

  • There were 623.3 million ransomware attacks globally in 2021, up 105 percent in total year over year. In the US, the number of ransomware attacks increased 98% and in the UK 227%. 2022 Sonicwall Cyber Threat Report
  • In 2021 there was an almost 13% increase in ransomware in breaches, accounting for ransomware being present in 25% of breaches – a jump as big as the last five years combined! Verizon 2022 Data Breach Investigations Report
  • Despite increased investment in tools to fight ransomware, 90% of organizations were affected by ransomware in some capacity over the past 12 months, a striking uptick from last year’s 72.5%. SpyCloud 2022 Ransomware Defense Report
  • The IC3 received 2,385 complaints in 2022 identified as ransomware, reflecting losses of more than $33.4 million. FBI Internet Crime Report 2022 [PDF]
  • In 2022, the IC3 received 870 complaints regarding ransomware attacks on critical infrastructure organizations, with 14 of the 16 critical infrastructure sectors having at least one member fall victim to an attack. Healthcare was the sector with the most reported attacks. FBI Internet Crime Report 2022 [PDF]
  • A survey of more than 400 CISOs found that ransomware is the top cyber threat most concerning to respondents. The CISOs Report: Perspectives, Challenges and Plans for 2022 and Beyond
  • According to IT security leaders, the top three riskiest entry points for ransomware are:
    #1 Unpatched vulnerabilities
    #2 Phishing emails with malicious attachments/links
    #3 Unmanaged devices accessing the network.
    SpyCloud 2022 Ransomware Defense Report
  • 87% of IT security leaders agree that reports of credential-stealing malware such as RedLine Stealer have elevated their organization’s concern of unmonitored personal devices as a potential entry point for ransomware. SpyCloud 2022 Ransomware Defense Report

Data Breach Statistics:

  • There were 1,802 publicly reported data breaches in 2022, just 60 events shy of the all-time high set in 2021. These breaches impacted 422.1 million people, an increase of 41.5% from 2021. Identity Theft Resource Center’s 2022 Data Breach Report
  • The average data breach cost reached an all-time high of $4.35 million in 2022, a 2.6% increase from last year’s average of $4.24 million. IBM Cost of a Data Breach Report 2022
  • The most common initial attack vector for data breaches is compromised credentials, responsible for 19% of breaches (at an average cost of $4.5 million). IBM Cost of a Data Breach Report 2022
  • When it comes to data breaches, “there are four key paths leading to your estate: Credentials (~45% of non–error, non-misuse breaches), Phishing (~18%), Exploiting vulnerabilities (~9%) and Botnets (~2-3%)…no organization is safe without a plan to handle them all.” Verizon 2022 Data Breach Investigations Report
  • 30% of breach cases [involve] some type of malware, and approximately 20% of cases [involve] a Social action.” Verizon 2022 Data Breach Investigations Report
  • 27% of global companies suffered a data breach that cost them between $1M and $20M USD in the past three years. That percentage rises to 34% for North American firms. Only 14% of global companies reported no data breaches during that same time frame. 2023 PwC Global Digital Trust Insights Report

Business Email Compromise Statistics:

Fraud & Identity Theft Statistics:

About SpyCloud: We transform recaptured data to protect businesses from cyberattacks. Our products leverage a proprietary engine that collects, curates, enriches and analyzes data from the criminal underground, driving action so enterprises can proactively prevent account takeover and ransomware, and protect their business and consumers from online fraud. Our unique data from breaches, malware-infected devices, and other underground sources also powers many popular dark web monitoring and identity theft protection offerings. SpyCloud customers include half of the ten largest global enterprises, mid-size companies, and government agencies around the world. Headquartered in Austin, TX, SpyCloud is home to over 150 cybersecurity experts who aim to make the internet a safer place.

Recent Posts

Transforming recaptured data to protect your business.