Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Data breaches soar in the US, with 90.4 million accounts leaked in Q1 of 2024

April 2024 by Surfshark

A recent analysis conducted by cybersecurity firm Surfshark reveals that the US had 90.4 million leaked accounts in the first quarter of 2024, adding up to 3 billion leaked accounts in the past 20 years. This places the US as the number one country globally in data breaches, highlighting the country’s urgent need for heightened cybersecurity measures.

"Since 2004, an average of 290 accounts have been breached every minute in the US. The first quarter of 2024 witnessed a 185% increase in breach rates compared to the previous quarter, with 90.4 million accounts compromised. This troubling data emphasizes the critical need for organizations to bolster their cyber defenses and for individuals to prioritize cybersecurity awareness.", says Lina Survila, Surfshark spokeswoman
Some of the biggest breaches of 2024 include Cutout.Pro which affected 685.1K Americans and Pandabuy which affected 205.2K.

1.9B US passwords were leaked since 2004. Coupled with a user’s email address, a leaked password puts them in danger of account takeover that might lead to identity theft, extortion or other cybercrimes.

Surfshark’s analysis positions the US as the most breached country globally, comprising 17.7% of all breaches worldwide. The US is followed by Russia (2.4B), China (1.1B), France (521.6M) and Germany (486.7M).

North America is the second most breached continent in the world, accounting for 20% of the breaches (3.5B). Europe takes the lead, accounting for 30%. Third up is Asia with 15%.
When an email account is breached, the user is at risk of social engineering and identity theft. Scammers might send fake emails pretending to be from legitimate organizations, and those emails might contain links with computer viruses or requests to disclose even more personal information. If the email address was leaked with more personal information like name and address, scammers might even be able to impersonate the victim for various malicious purposes.

If you suspect your information has been breached, you should:

Change the passwords to your accounts immediately

Enable two-factor authentication where possible

Contact your bank if your credit card information was leaked

Scan your devices for malware
Keep an eye out for scams if your email, phone number, or other contact information leaked.


A data breach happens when confidential and sensitive data gets exposed to unauthorized third parties. In this study, we treat every breached or leaked email address used to register for online services as a separate user account, which may have been leaked with additional information, such as password, phone number, IP address, zip code, and more.

The data was collected by our independent partners from 29,000 publicly available databases and aggregated by email address. To determine the location of the email address, our partners’ mechanism looked into several associated parameters, such as domain names, IP addresses, locales, coordinates, currency, or phone numbers. This data was then anonymized and passed on to Surfshark’s researchers to analyze their findings statistically.

The Data Breach World Map is updated monthly with the most recent data from our independent partners. Countries with a population of less than 1M people were not included in the analysis.

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts