What States Have The Most Data Breaches?
Data breaches in today’s technology driven world can affect hundreds of millions, if not billions of people at once. As we continue to provide data to various organizations in our daily lives without hesitation, personal information is being exposed more frequently, with some of the largest data breaches occurring in the last decade.
But what is the most common type of personal data breach in the United States?
Interested in this, Forbes Advisor used data from the FBI’s Internet Crime Complaint Center (IC3) from the past five years to determine how many Americans experienced a data breach, which type of breach was the most common and which had the highest total cost lost.
Key findings:
- California is the America state which has had the most data breach victims from 2017 – 2021 at a total of 1,807
- The most expensive type of data breach in America is having your email account compromised, with financial losses of over $7.5 billion.
- Non-payment or non-delivery is the most common type of data breach in the USA with 361,972 cases over the last five years.
- Over the last five years, data breaches have affected over two million people in America, resulting in losses of over $19 billion.
The American states with the most data breach victims 2017-2021
| Rank | American state | Total data breach victims | Total data breach losses ($) |
| 1. | California | 1,807 | $81,013,216 |
| 2. | Texas | 1,587 | $48,592,966 |
| 3. | Florida | 956 | $57,773,356 |
| 4. | New York | 705 | $38,611,033 |
| 5. | Illinois | 395 | $11,872,350 |
| 6. | Pennsylvania | 380 | $17,812,711 |
| 7. | Hawaii | 370 | $987,917 |
| 8. | Virginia | 326 | $7,763,257 |
| 9. | Massachusetts | 291 | $7,887,099 |
| 10. | Washington | 280 | $4,288,745 |
To view the full dataset, which shows the individual results for 50 American states and individual results for each type of data breach, please click here.
Forbes Advisor found that California is the America state that has suffered the most data breaches,
with a total of 1,807 victims from 2017 – 2021. The collective loss incurred by data breach victims in the Golden State equates to a collective $81,013,216.
In second position is Texas with a total 1,587 data breach victims from 2017 to 2021. The overall loss inflicted on the 1,587 equals a colossal $48,592,966.
Rounding off the top ten is Washington. Washington had 280 data breach victims between 2017 – 2021 and these victims lost $4,288,745 from the cyber-crime in this time period.
The most expensive type of data breach in the USA from 2017-2021
| Rank | Data breach type | Total data breaches | Total data breach losses ($) |
| 1. | BEC/EAC (email account compromise) | 94,610 | $7,527,098,098 |
| 2. | Confidence Fraud/Romance | 86,521 | $2,311,138,731 |
| 3. | Investment | 26,259 | $1,717,576,571 |
| 4. | Non-payment/Non-Delivery | 361,972 | $950,596,596 |
| 5. | Real Estate/Rental | 55,296 | $944,761,963 |
| 6. | Personal Data Breach | 202,677 | $938,506,733 |
| 7. | Spoofing | 76,932 | $597,562,604 |
| 8. | Tech Support | 75,399 | $585,695,563 |
| 9. | Identity Theft | 139,535 | $526,526,217 |
| 10. | Credit Card Fraud | 73,685 | $521,169,815 |
Forbes Advisor can reveal that the most expensive type of data breach in the United States over the last five years has been business email compromise and email account compromises (BEC/EAC). In a BEC/EAC scam, criminals will send an email that appears to be from a known source, making a legitimate request, such as being asked by the CEO to purchase gift cards to distribute to employees. There were 94,620 data breach victims in total, with a total financial loss of $7,527,098,098.
Confidence or romance fraud is the second most expensive data breach in the United States, with 86,521 data breach victims and a total financial loss of $2,311,138,731. These scams typically occur when someone adopts a false online identity in order to gain the trust of the victim, but then asks for money. Over the last five years, 2021 was the worst year for these scams, with 20,762 cases reported, with California being the most affected state.
Investment data breaches rank third. Despite only having 26,259 reported cases over the past five years, financial losses due to these breaches has resulted in $1,717,576,571 in financial losses.
Non-payment or non-delivery is the fourth most expensive data breach in the USA, with 361,972 breaches in data and a financial loss of $950,596,596. Non-payment or non-delivery is when you don’t get paid if you ship off an item you have sold, or you don’t get an item you paid for. Non-payment or non-delivery was the most reported cybercrime in the US in 2020, with California being the most affected state with 13,151 data breaches in 2020.
Real estate or rental data breaches round out the top five, with a total of 55,296 breaches and $944,761,963 in financial losses. The real estate industry is not the first thing that comes to mind when discussing data security, but with important information such as bank accounts, contracts, and other details, the real estate industry has become a more attractive target for cyber criminals in recent years.
The most common type of data breach in the USA from 2017-2021
| Rank | Data breach type | Total data breaches |
| 1. | Non-payment/Non-Delivery | 361,972 |
| 2. | No Lead Value | 275,423 |
| 3. | Extortion | 212,819 |
| 4. | Personal Data Breach | 202,677 |
| 5. | Identity Theft | 139,535 |
| 6. | Phishing | 114,652 |
| 7. | BEC/EAC | 94,610 |
| 8. | Confidence Fraud/Romance | 86,521 |
| 9. | Spoofing | 76,932 |
| 10. | Tech Support | 75,399 |
Rob Watts, a Business Editor at Forbes Advisor shared his tips for trying to keep your data safe:
“All told, there is no single solution when it comes to protecting your data. True protection comes from a combination of the right software tools, building your knowledge on cyberthreats and establishing safe practices with your online activity. Many data breaches come as a result of human error, so it’s important to educate yourself in order to spot and counter threats”
Methodology:
- Forbes Advisor sought to determine how many Americans had suffered from data breaches from the last five years – which state had the most data breach victims, which type of data breach was the most common and finally which was the most expensive.
- To do so, data breaches that had occurred from 2017 to 2021 were obtained from the FBI’s Internet Crime Complaint Center. The source provides a comprehensive account of internet crime complaints in those years.
- All of the internet complaints for all 50 states in America were put together and analyzed.
- Then, the data breaches information was extracted from the report and grouped together in one table, which was then ranked from the highest to lowest in each state.
- Following this, the average losses per data breach were calculated and sorted from most expensive to least expensive.
- The data was collected on 06/06/22 and is accurate as of then.
Data credit of Forbes Advisor