Research Insights: New record number of data compromises is 23 percent over the previous all-time high

According to a report released today by the Resource Center® (ITRC), “The new record number of is 23 percent over the previous all-time high (1,506) set in 2017.

“We may look back at 2021 as the year when we moved from the era of identity theft to identity fraud. Many of the cyberattacks committed were highly sophisticated and complex, requiring aggressive defenses to prevent them. If those defenses failed, too often we saw an inadequate level of transparency for consumers to protect themselves from identity fraud.”

  • -related data breaches have doubled in each of the past two years. At the current rate, ransomware attacks will surpass phishing as the number one root cause of data compromises in 2022.
  • There were more cyberattack-related data compromises (1,603) in 2021 than all data compromises in 2020 (1,108).
  • Compromises increased year-over-year (YoY) in every primary sector but one – Military – where there were no data breaches publicly disclosed. The Manufacturing & Utilities sector saw the largest percentage increase in data compromises at 217 percent over 2020.
  • The number of data breach notices that do not reveal the root cause of a compromise (607) has grown by more than 190 percent since 2020.


Research Insights:


Nasser Fattah, North America Steering Committee Chair, Shared Assessments:

“Unfortunately, data breaches are the gift that keeps on giving and at the cost of customers and businesses. To compound matters, customers have been experiencing breach fatigue due to the number of data breach notices frequently received, which can quickly dull the significance of a breach; not realizing that the breached data can be used to commit identity fraud or account over. And although all states have breach notification laws, they can differ on requirements for notice, personally identifiable information, and breach definition.”