Content Assessment: Red Storm Rising? Data Breaches Rise Globally in Q3 2022
Information - 93%
Insight - 93%
Relevance - 90%
Objectivity - 88%
Authority - 91%
A short percentage-based assessment of the qualitative benefit of the recently updated Data Breach World Map and corresponding Global Data Breach quarterly report from Surfshark.
Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.
To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.
Background Note: Surfshark is a privacy protection toolset developed to help its users control their online presence seamlessly. The company also regularly publishes industry updates on global data breaches. The latest update from Surfshark on global data breaches was published on October 19, 2022. This new update may be beneficial for cybersecurity, information governance, and legal discovery professionals seeking to better understand and address cybersecurity threats and the volume, velocity, and veracity of those threats.
Media Release (October 25, 2022)
Data Breaches Rise By 70% in Q3 Compared to Q2
Russia takes the lead for the most breached users yet again, and Indonesia appears in the top three after data breach scandals
The latest study by cybersecurity company Surfshark shows that a total of 108.9M accounts were breached in 2022’Q3, with Russia ranking first and amounting to a fifth of all breaches from July through September. France takes second place, while Indonesia appears in third place after an extremely breach-plenty quarter, followed by the U.S. and Spain. A staggering 70% increase in breached users worldwide comes after a comparatively timid growth in the first half of the year.
Global data from Surfshark’s data breach statistics tool shows the scope and origin of users that have been breached since 2004 and records a growth of 44.52M breached users over the last quarter. The latest statistics update (Q3’2022) ranked Russia 1st in the world by leaked accounts (22.3M), followed by France (13.8M), Indonesia (13.3M), The U.S. (8.5M), and Spain (3.9M).
“It’s concerning to see data breaches rising again after a comparatively timid first half of the year, putting a massive 108.9M internet users at risk.” – says Agneska Sablovskaja, Lead Researcher at Surfshark. “Global user breaches are 70% higher this quarter than the last. Every second in the past three months, 14 accounts were leaked – all of them coming from different countries.”
Europe was the most affected region by breaches in Q3
Europe also recorded 52M individual breaches in Q3 alone – the highest of any other continent. However, 40% of them came from Russia, while 27% from France. Surfshark’s report shows that a single person from Europe has gotten their online account details leaked around 6 times in the past 18 years.
Russia leads by data breaches in each quarter of 2022 so far. Throughout this decade, the United States remained the single most breached country. However, the situation shifted at the start of 2022 when the number of breached Russian accounts rose by 136% (MoM) since the end of February, aligning with Ukraine’s invasion.
Russia’s ally Belarus appeared in 19th position with 539K reported breaches and a 4x growth from the previous quarter. Meanwhile, Ukraine experienced a 14% drop in breached users quarter-over-quarter, which took them to the 17th position globally.
Last quarter’s massive breaches motivate Indonesia to pass data privacy law
In Indonesia, breached user count has grown by a striking 1370% in the last quarter, amounting to 13.3 Million victim accounts after several large-scale cyberattacks. In August 2022, 1.3 billion Indonesian SIM registrations that revealed national identity numbers, phone numbers, names of telecommunications providers, and more appeared online. This and many other past incidents have finally pushed Indonesia’s parliament to ratify the Personal Data Protection Act on September 20, 2022, which is the first comprehensive data protection law in the country. Many other countries, such as those in the EU or Brazil, have also already implemented laws to help keep peoples’ data safe from leaks and threat actors, especially amidst rising cybercrime cases.
The ten most breached countries of Q3 2022 in descending order are: Russia, France, Indonesia, The U.S., Spain, China, Brazil, Taiwan, Portugal and India. The highest growth in user victims was spotted in Zambia (3886%), Bolivia (1913%), Chile (1852%), France (1710%) and Nigeria (1616%).
The Data Breach World Map was developed in partnership with independent cybersecurity researchers, who collected loads of user data from 27K breached databases that appeared online. Researchers could then sort those combinations based on specific data points, such as countries, and perform a statistical analysis of their findings. Users’ locations were identified by email or website domain name, country, city, coordinates, IP address, locale, currency or phone number.
The Data Breach World Map is updated every month with the most recent data from our independent partners. At the time of this particular study, the data analyzed was from October 1st, 2022. The numbers from July to September 2020 were compared with data aggregated from April to June 2022. Countries with a population of less than 1M people are not included in the analysis. For the full methodology, please refer to: https://surfshark.com/research/data-breach-monitoring/methodology
Surfshark is a privacy protection toolset developed to help its users control their online presence seamlessly. The Surfshark One suite includes one of the very few VPNs audited by independent security experts, an officially certified antivirus, a private search tool, and a data leak alert system. In 2021, Surfshark was recognized as the Most Innovative Security Service at the Cybersecurity Excellence Awards and a Must-have App in TechRadar’s WFH Awards. Visit our research hub at: surfshark.com/research
- [Annual Update] International Cyber Law in Practice: Interactive Toolkit
- Defining Cyber Discovery? A Definition and Framework
Have a Request?
If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.
ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.
ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.