More than 8.5 billion records were compromised in data breaches in the span of one year ending April 2020, and the average cost of a mega-sized data breach was US$3.86 million, a new report by IBM has found.
IBM’s annual Cost of a Data Breach report is conducted by the Ponemon Institute. The report is based on the analysis of 17 multinational companies that experienced a data breach involving the loss or theft of one million or more records.
The global average cost of a data breach that affects over a million records is US$3.86 million, the report revealed. In terms of individual countries and regions, the US has the highest average cost for data breaches, at US$8.64 million. The Middle East came in second, with an average cost of US$6.52 million. Canada is the third highest, with US$4.5 million.
Between 2019 and 2020, the cost of data breaches increased for most countries, IBM and Ponemon Institute said. While the US saw a 5.5% increase in data breach costs, Canada experienced a slightly higher 6.7% surge.
The report also found that 80% of the large-scale data breaches reported in the year ending April 2020 involved the compromise or theft of customer-related personally identifiable information (PII). By comparison, the exposure of intellectual property only made up 32% of all data breaches recorded, while anonymized customer data was compromised in 24% of breaches – those two were also the second and third highest types of records compromised in data breaches after customer PII.
On average, each customer PII record compromised cost organizations $150, the report said.
In terms of data breach root causes, 54% of all data breaches in the US were due to a malicious attack. In Canada, 42% of data breaches were also caused by hackers.
Data breaches still plague industries that hold a lot of customer PII, but now they are even happening to smaller enterprises, the report found. Healthcare and financial industries have consistently had the highest data breach costs, the report noted. But the Ponemon Institute also found that the average cost of a data breach for mid-sized organizations increased by 7% from 2019 to 2020.