The US government has suffered a whole load of data breaches we never even knew about

A digital padlock on a blue digital background.
(Image credit: Shutterstock / vs148)

In the decade between 2014 and November 2023, the United States government and its various entities and endpoints suffered exactly 1,283 data breaches. 

In those breaches, 201,184,801 records were affected, costing the government - and thus the average taxpayer - more than $30 billion, new research has claimed.

The report from Comparitech noted 2019 was the biggest year for breaches, as that year there were 226 recorded incidents.

Ransomware dangers

The company added that the year after, 2020, was equally disastrous, with 182 incidents recorded. The year prior, 2018, had the highest number of records affected, exactly 84,794,645.

This year is set to be record-breaking, too. So far, there have been 137 recorded government breaches affecting 22.4 million records. The number of breaches is already greater than the 120 breaches seen last year. The number of records involved is over four times the number breached in 2022 (5 million).

The biggest data breach that any U.S. government entity suffered in the last 10 years was in 2018 when the US Postal Service was hacked and 60 million records were stolen. It is closely followed by the 2015 hack of the Office of Personnel Management that exposed 21.5 million records belonging to current and former US government employees. Finally, there is the 2017 California Secretary of State incident in which 19.2 million records were exposed.

Ransomware remains one of the biggest threats to these organizations, Comparitech concludes, stating that it accounts for almost half of the number of attacks carried out this year so far (63). “According to the data collated by our US ransomware tracker, government agencies see average ransoms of over $920,000,” the report claims.  “Three government agencies are known to have paid up. San Bernardino County Sheriff’s Department paid $1.1 million to its hackers, the Township of Montclair paid $450,000, and Hinds County paid $300,000.”

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.