
The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Data Breaches Up 10% Although Victim Count Falls Sharply

This year is set to become another record-breaking year for data breaches, according to the Identity Theft Resource Center (ITRC). The ITRC H1 2025 Data Breach Report shows an 11% year-over-year increase in reported data breaches, with 1,732 data compromises tracked by ITRC between January 1, 2025, and June 30, 2025. That’s 54.9% of the full year total for 2024.

The increase in data breaches has largely been driven by cyberattacks, which account for 77.83% of all confirmed data compromises in H1 – 1,348 incidents. Across those incidents, the personal data of 114,582,621 individuals was compromised – 69.13% of the total number of victims across all data compromise incidents. The second main cause of data breaches was phishing/smishing/BEC attacks, with 251 confirmed incidents, followed by 73 confirmed ransomware attacks. The number of ransomware attacks is likely to be substantially higher, as ransomware is often not mentioned in breach notifications. There were 129 data compromises attributed to system or human error, impacting more than 6 million individuals.

In total, there were 165,745,452 victims of data compromises in H1 2025. While that figure is certainly high, the number of victim notifications currently stands at 12.2% of the total for all of 2024. Data breaches are continuing to increase, but the scale of the mega data breaches of 2024 has not been repeated in the first half of 2025.

One clear trend identified by ITRC is the growing threat of supply chain attacks. Cybercriminals target supply chains as they can compromise large numbers of companies through an attack on a single vendor. ITRC identified 79 successful supply chain attacks in H1 2025, which affected 690 entities and resulted in the compromising of the data of 78,320,240 individuals. There has also been an increase in AI-powered phishing attacks. Generative AI platforms are being used to create sophisticated phishing campaigns, which are harder for organizations and individuals to detect.

Healthcare incidents accounted for three of the top five data compromises in H1 2025, taking positions 3-5 behind the PowerSchool breach, which affected 71.9 million individuals, and the AT&T data breach, which affected almost 44 million individuals. The AT&T breach occurred in 2021, with the data repackaged and republished in 2025.

The biggest healthcare data breaches in H1 2025 were the cyberattack on Yale New Haven Health System in Connecticut, which involved unauthorized access to the protected health information of 5,556,702 individuals; the ransomware attack on the medical device company Episource, which affected 5,418,866 individuals; and a data breach at Blue Shield of California due to misconfigured Google Analytics code, which affected up to 4,700,000 individuals.

Healthcare ranked second for data compromises (283 compromises) behind financial services (387 compromises), followed by professional services (221 compromises), manufacturing (158 compromises), and education (105 compromises). Healthcare data compromises have increased by 19.9% year-over-year but are down 24.9% from the corresponding period in 2023. In terms of affected individuals, there has been a 39.2% year-over-year decrease in the number of victims of healthcare data breaches.

“Through the first half of the year, we’ve seen a continuation, and in some cases, acceleration of the trends from 2024,” said James E. Lee, President of the Identity Theft Resource Center. “Some of these trends are troubling – like the lack of transparency surrounding what caused more than two-thirds of compromises.” ITRC has regularly reported this issue in recent years. Breached companies issue notifications, but it is increasingly common for the root cause of the breach not to be disclosed. In H1 2025, 69% of all notices did not contain the attack vector details.

ITRC also draws attention to the repackaging and republication of previously compromised data. In H1, 16 billion logins and passwords compromised in previous data breaches had been packaged into a single database. “That’s a serious risk for businesses since much of the data is logins and passwords, but it also means individuals need to take steps to protect themselves from identity fraud and scams, which they can learn to do by contacting the ITRC or visiting our website. There’s never a charge for individuals to turn to the ITRC for help,” said Lee.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
