70% increase in accounts breached globally in first half of 2022

The latest study by cybersecurity company Surfshark shows that a total of 108.9m accounts were breached in 2022 Q3, with Russia ranking first and amounting to a fifth of all breaches from July through September.

France takes second place, while Indonesia appears in third place after an extremely breach-plenty quarter, followed by the U.S. and Spain. A staggering 70% increase in breached users worldwide comes after a comparatively timid growth in the first half of the year.

Global data from Surfshark’s data breach statistics tool shows the scope and origin of users that have been breached since 2004 and records a growth of 44.52m breached users over the last quarter. The latest statistics update (Q3 2022) ranked Russia first in the world by leaked accounts (22.3m), followed by France (13.8m), Indonesia (13.3m), The U.S. (8.5m), and Spain (3.9m).

Agneska Sablovskaja, Lead Researcher at Surfshark commented: “It’s concerning to see data breaches rising again after a comparatively timid first half of the year, putting a massive 108.9m internet users at risk. Global user breaches are 70% higher this quarter than the last. Every second in the past three months, 14 accounts were leaked – all of them coming from different countries.”

Europe was the most affected region by breaches in Q3

Europe also recorded 52m individual breaches in Q3 alone – the highest of any other continent. However, 40% of them came from Russia, while 27% were from France. Surfshark’s report shows that a single person from Europe has gotten their online account details leaked around 6 times in the past 18 years.

Russia leads by data breaches in each quarter of 2022 so far. Throughout this decade, the United States remained the single most breached country. However, the situation shifted at the start of 2022 when the number of breached Russian accounts rose by 136% (MoM) since the end of February, aligning with Ukraine’s invasion.

Russia’s ally Belarus appeared in 19th position with 539k reported breaches and a more than three times growth from the previous quarter. Meanwhile, Ukraine experienced a 14% drop in breached users quarter-over-quarter, which took them to the 17th position globally.

Last quarter’s massive breaches motivate Indonesia to pass data privacy law

In Indonesia, breached user count has grown by a striking 1370% in the last quarter, amounting to 13.3m victim accounts after several large-scale cyberattacks.

In August 2022, 1.3bn Indonesian SIM registrations that revealed national identity numbers, phone numbers, names of telecommunications providers, and more appeared online. This and many other past incidents have finally pushed Indonesia’s parliament to ratify the Personal Data Protection Act on September 20, 2022, which is the first comprehensive data protection law in the country.

Many other countries, such as those in the EU or Brazil, have also already implemented laws to help keep peoples’ data safe from leaks and threat actors, especially amidst rising cybercrime cases.

The ten most breached countries of Q3 2022 in descending order are Russia, France, Indonesia, The U.S., Spain, China, Brazil, Taiwan, Portugal, and India. The highest growth in user victims was spotted in Zambia (3886%), Bolivia (1913%), Chile (1852%), France (1710%), and Nigeria (1616%).