News
Russia is the most breached country of Q1’2022, spike in victims spotted in March
April 2022 by Surfshark
Cybersecurity company Surfshark’s study found that Russia is first in terms of breached accounts from January-March 2022, with more than 3.5M internet users affected. Since the start of Ukraine’s invasion in March, 136% more Russian accounts were breached than in February. The second place in the ranking is claimed by the US, followed by Poland, France, and India. Poland shot up the chart due to a sharp spike in breaches amidst widespread phishing attacks. Meanwhile, Ukraine appeared in 67% fewer breaches than in the quarter before the war.
The analysis highlights that the top five countries with the most data breaches account for half of all leaks in Q1’2022. Russians alone make up almost a fifth of all global victims, of which were 3.55M. The numbers in the country are 11% higher than in the last quarter, surpassing the usual “front runner” US.
The number of breached Russian accounts rose by 136% (MoM) since the start of Ukraine’s invasion in the end of February. Ukraine’s invasion has likely influenced this situation as the hacker group Anonymous declared that it was targeting the country just days after the start of the war.
Surfshark Alert’s database analysis determined that the first quarter of 2022 was lower than the last in terms of data breach cases. To put it in real numbers, 18,174,132 email accounts were breached in 2022’Q1. Whereas, there were 43,169,912 breaches in the previous quarter, signaling a decline of 58% quarter-over-quarter. So far in 2022, data of two internet users was leaked every second.
Users in Ukraine appeared in 67% fewer breaches than in the quarter before the invasion. It’s now 15th in the world - previously, from October to December 2021, Ukraine was the most breached country in Eastern Europe.
"Data breaches remain one of the most common types of cybercrime, despite the decline it has demonstrated in the past months’’, – explains Aleksandr Valentij, Chief Information Security Officer at Surfshark. "Pools of leaked emails, passwords, telephone numbers, and even more sensitive data are often sold on the dark web to be later used in phishing attacks, ransomware, or even identity theft. As we can see from our latest data, some countries were more vulnerable to such instances than others in the past months."
The US, which came in second place, shows a positive downward trend in data breaches for the second quarter in a row. The US had almost 50% fewer affected users in 2022 than in the last quarter, with around 2.5M users breached.
Poland took third place and shot up the chart due to a 514% spike in breaches this year, with 961K users breached in the first quarter of 2022. In comparison, there were only 159K breaches in 2021’Q4. Poland’s media reported a wave of telephone phishing attacks at the beginning of the year, seeking to lure out credit card details.
The top 20 most breached countries of Q1 2022 in descending order are Russia, the U.S., Poland, France, India, Turkey, Australia, Indonesia, Hong Kong, Germany, the U.K, Brazil, China, Philippines, Ukraine, Spain, Czechia, Taiwan, Canada, and South Korea. The full data can be found in the blog post here:
Methodology
The data from this study was taken from the Surfshark Alert (a data breach detection tool) database, which comprises all publicly available breached data sets to inform our users of potential threats. The examined data was taken from three months between January 2022 to March 2022. The selected data was then analyzed and compared to the data from the previous quarter, October to December 2021.
