News
Breached users down by 81% in the last quarter of 2021
January 2022 by Surfshark
Cybersecurity company Surfshark reports a large drop in breached users from October through December 2021. An analysis shows the calmest quarter of last year, with an 81% decrease in affected accounts (44.2 million) compared to the previous one (235.6 million). The US, Russia, and South Korea were the most breached countries in the last three months.
Surfshark’s analysis determined that the first quarter was the most severe in terms of data breach victims, affecting 500M million users globally. However, the following months showed a significant decrease, while in the last quarter the case count fell to its lowest – 44.2M. Compared to Q3, the numbers show an 81%, or a fifth-fold drop from 235.6M.
The ten most breached countries of Q4 2021 in descending order were: the US, Russia, South Korea, Brazil, Chile, Spain, France, Ukraine, Canada, and Israel. Most countries at the top showed far fewer exposed users than in the previous months, with the US, France, and Canada showing a 90% decrease quarter-over-quarter.
However, breach cases grew by 94% in Ukraine, and the largest 945% jump was recorded in South Korea. The Reddoorz case may have influenced the latter, which was the most significant data breach in Asia in Q4, affecting 5.9 million Singapore and Southeast Asian hotel customers.
In the United States, a total of 6.8M Americans were breached during Q4. This is possibly due to the recent major breaches in large companies like Robinhood, Eskenazi, and GoDaddy.
"We see that overall breached user numbers have decreased significantly in the past three months, but annual statistics stay high," – says Vytautas Kaziukonis, Chief Executive Officer of Surfshark. “First quarter of 2021 was the most active of the year in terms of affected accounts. Thus, we’re hoping to see a more positive start of 2022 and encourage people to be more mindful about the data they are giving to various websites and digital platforms."
Every 100th user has been subject to data breaches between October and December in Spain, France, and Brazil. In the United States, Russia, Ukraine, and Canada, 2 out of 100 internet users were compromised. In Israel, the density was the highest – 7 out of 100 users got exposed in Q4 2021.
Despite the general 81% drop, the numbers remain concerning, as almost one billion emails were exposed in 2021 alone. Surfshark constantly monitors publicly available data leaks and equips this knowledge into its online tools to inform people about the extent of data breaches. The company recently developed a new website safety warning feature, which adds a disclaimer to domains that have been part of significant data breaches in the past. The add-on is available for Surfshark VPN users free of charge to help mitigate possible risks.
Methodology
The data from this study was taken from the Surfshark Alert (a data breach detection tool) database, which comprises publicly available breached data sets to inform our users of potential threats. The analysis looked into data breaches that occurred from October to December 2021 (Q4) and compared them with the numbers from July through August 2021 (Q3). Breached accounts were analyzed according to the country’s origin, and the actual time the breach was recorded. All information either stolen or taken from a system without the authorization of the platform’s owner (in other words, proactively hacked or scrapped) is considered a data breach. Data associations to specific breach instances are only stipulated.
