Average Cost of Data Breach in Healthcare Industry Hit $7.13 Million in 2020
The average cost for a healthcare data breach is 84% more than the global average.
London — Recent years have witnessed a surge in the number of data breaches, causing a massive financial hit to businesses worldwide. With millions of people working from home and using videoconferencing and cloud applications, the COVID-19 pandemic has only increased the number of these malicious attacks. According to data presented by AksjeBloggen.com, the healthcare industry tops the list of the most expensive data breaches with a $7.13 million average data breach cost, 84% more than the global average.
Global Average Data Breach Cost Hit $3.86 Million in 2020, 1.5% Drop Year-on-Year
The global average cost of a data breach has fluctuated between $3.5 million and $4 million in recent years. In 2020, it hit $3.86 million, a 1.5% drop year-on-year, revealed the Ponemon Institute’s Cost of a Data Breach Report 2020 commissioned by IBM. The report also showed it usually took 280 days for an organization to spot and contain a breach, a day more than a year ago. However, statistics indicate these figures vary significantly based on industry.
Besides leading in the average cost of a data breach, the healthcare industry also had the highest average time to identify a violation of 329 days. The energy industry ranked second of the 17 sectors surveyed, with $6.39 million in average cost and 254 days to spot a breach.
Financial services, pharma industry, and technology sector follow, with $5.85 million, $5.06 million, and $5.04 million in average data breach cost, respectively.
Analyzed by geography, the United States convincingly leads among all surveyed countries with an average data breach cost of $8.64 million, a 5.5% increase in a year. Statistics also show this figure surged by 60% in the last seven years, growing from $5.4 million in 2013. Financial services represent the costliest industry in the United States in 2020, while companies and organizations need 237 days to identify a breach, compared to 245 days in 2019.
Germany leads among European countries with an average data breach cost of $4.45 million in 2020, a 7% drop year-on-year, while companies usually need 160 days to identify a data breach.
Malicious attacks caused 52% of all breaches. Human error and system glitches follow with 23% and 25% share, respectively. Statistics also show that around 20% of companies that had been victims of a malicious breach were hacked by using stolen or compromised credentials.
Five Largest Data Breaches in 2020 Exposed 406.6 Million Records
The survey also revealed the number of exposed data significantly raised the total cost of a data breach. Breaches of 1 million to 10 million records cost an average of $50 million, or 25 times the average cost of a data breach in 2020. In breaches that exposed more than 50 million records, the average cost grew to a staggering $392 million.
The five largest data breaches in 2020 exposed a total of 406.6 million records, according to DataBreaches.net statistics. In January, 250 million Microsoft (NASDAQ: MSFT) customer records have been exposed online without password protection, the biggest data breach since the beginning of the year. The exposed data included customer service and support logs detailing conversations between Microsoft agents and customers from 2005 to December 2019.
In May, 115 million Pakistani mobile user records have leaked online, the second-largest data breach this year. The same month, a massive data breach of the unknown source has exposed the records of 22 million people, including their phone numbers, addresses, and social media links.
The fourth-biggest data breach in 2020 exposed the personal data of more than 10.5 million users who stayed at MGM Resorts (NYSE: MGM). Leaked files included contact details of CEOs and employees at some of the world’s largest tech companies.
In May, British low-cost airline group EasyJet (LON: EZJ) admitted it had been a target of a highly sophisticated cyber-attack, which has exposed the personal data, including credit and debit card details, of more than nine million their customers.
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Related Content
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
