Data breaches actually fell in the first part of 2023

Data Breach
(Image credit: Shutterstock)

A total of 41.6 million breached accounts were detected in the first quarter of 2023, which may sound like a huge figure, but is actually a significant drop, a new global report from cybersecurity experts Surfshark states. 

The figure represents a 49% decrease in breached users worldwide compared to the fourth quarter of the previous year, the company says, however, despite the seemingly positive outlook, having more than 41 million breached accounts gives us very little reason to rejoice, the researchers said, adding that in some parts of the world, the number of breached accounts still rose. 

The researchers are warning that cybercriminals can use stolen account information to run all kinds of scams and cyberattacks, from business email compromise, to identity theft, wire fraud, and more.

Fraud and scams

The majority of the breached accounts were located in Russia - 6.6 million. U.S. accounts were second with 5 million, followed by Taiwan (3.9m), France (3.2m), and Spain (3.2m). Taiwan experienced a major spike, with the number of breached accounts increasing 21 times quarter-on-quarter, up from 191,000 in Q4 2022. 

Generally speaking, one user account was leaked every second in Q1 2023.  

Europe was the only region with a “significant” increase in breached accounts, quarter-on-quarter, Surfshark stated, as the number nearly doubled from 9.9 million to 17.5 million. The number of leaked accounts in the Czech Republic increased ninefold. Still, they pale in comparison to those from Taiwan and Saudi Arabia. In these countries, there had been around 20 times more leaked accounts in Q1 2023, compared to Q4 2022. South Korea saw a 12-fold increase. 

Some of the biggest breaches by email count were Russia’s Sberbank (2.9 million accounts leaked), US’ Weee! with 1.1 million leaked, and Zurich Insurance from Switzerland with 756,700 leaked. 

To draft the report, Surfshark collected data from 29,000 publicly available databases.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.