In 2022, U.S. organizations issued 1,802 data breach notifications, reporting the exposure of records or personal information affecting more than 400 million individuals, the Identity Theft Resource Center reports.
That figure is just 60 breaches shy of the 1,862 breaches in the U.S. that ITRC counted in 2021.
“While we did not set a record for the number of data compromises in the U.S. last year, we came close,” says Eva Velasquez, president and CEO of the ITRC.
That near miss occurred despite a notable dip in data breach volumes during the first half of 2022. Velasquez says Russia-based criminals likely were too distracted or preoccupied back then by their country’s invasion of Ukraine as well as the volatility in the cryptocurrency market. In the second half of the year, breach volume once again began to surge.
The organizations sporting the biggest known 2022 breaches included Twitter, with 222 million records exposed; Neopets, with 69 million victims; AT&T Data, with 23 million victims; and Cash App Investing, with 8.2 million victims.
Based on breach reports, the attributes most often exposed were victims’ names, followed by Social Security numbers, birthdates, current home addresses, driver’s license or state identification numbers, medical details, and bank account numbers.
