2025 Data Breach Statistics by Industry
Data breaches pose a rising threat to consumers and business owners in 2025. Cybercrimes that hackers carry out using ransomware, third-party attacks, exploitation of zero-day vulnerabilities, and more have all placed customers and professionals at risk of losing personal and corporate information. The increased rate of data leaks in 2025 has hit a number of industries particularly hard, leading to theft of millions of consumers’ personal information throughout the year.
If you’ve been affected by a data breach in 2025, you may have legal options—learn how to protect your rights.
2025 Data Breach Statistics
Understanding 2025 data breach statistics by industry is a valuable part of responsible data storage. When you are familiar with common targets and methods of cyberattacks, you can do more to protect your data, especially if you’re a professional in a commonly impacted field. Businesses and consumers both suffer when data breaches occur. Maintaining up-to-date knowledge of current rates of attack and new challenges in data security enables you to better protect yourself and your information.
Key Trends in Data Breaches Across Industries
A number of significant trends are emerging around data breaches in 2025. A rise in the frequency of cyberattacks, increasingly sophisticated hacking methods, and specialized targeting of different industries have contributed to a high risk of data breaches this year for consumers and industry professionals alike.
Rising Frequency of Attacks
Data breaches have increased in frequency across all industries throughout 2025. 2024 saw 3,158 total breaches, compromises, and exposures throughout the year. By the end of the first half of 2025, reports already indicated that 1,732 breaches had taken place, representing a 10% increase in attack rates on a year-to-year basis.
Data breach professionals often warn of the dangers of social engineering or misuse of corporate privileges when discussing the causes of data breaches. However, cyberattacks performed via system intrusion jumped roughly 15% from 2024 to 2025, suggesting that cybercriminals are now resorting to direct hacks rather than attempts to fraudulently secure credentials. An emboldened attitude toward this style of attack means that people and companies may have an even more difficult time defending themselves from hacks and leaks.
Shift Toward Health Care Industries
Health care industries have become a growing target for data breaches. Consumers’ protected health information, or PHI, is a valuable resource for cybercriminals to use against their victims. Hospitals and insurance providers such as the Yale New Haven Health System, Blue Shield of California, and Community Health Center, Inc., each issued millions of victim notices in 2025, constituting some of the top 10 data breaches of the year.
2025 Data Breach Statistics by Industry
Common industries and sectors impacted by data breaches include health care, retail, financial services, government, and education. In 2025, the financial services sector was on the receiving end of the highest number of data breaches, followed closely by the healthcare industry in second place.
Health Care Industry
The health care industry was the second-most targeted industry of 2025, with a reported 283 data compromises between January and June . Ransomware, phishing, insider threats, and other forms of cyberattacks have threatened the PHI of millions of patients, insurance customers, and other consumers.
This year, major breaches have impacted 5.4 million people through the health care platform Episource, 5.6 million at the Yale New Haven Health System, and 4.7 million through Blue Shield of California. Additionally, dozens of institutions storing unsecured PHI have reported data breaches under governmental investigation by the Office for Civil Rights.
Retail Industry
Retail corporations are particularly vulnerable to data breaches and cyberattacks due to the risk of corporate and consumer data theft both online and in person. Credit card fraud, point-of-sale system vulnerabilities, and customer data theft are all potential problems for the retail industry.
The rise in usage of e-commerce platforms has also impacted retail breaches in 2025, such as in a recent leak of information from 1.6 million customers of shops on platforms such as Etsy, Poshmark, and TikTok. Other retail corporations, such as Coca-Cola and McDonald’s, lost critical employee and job applicant data to hackers in 2025, demonstrating that customers aren’t the only parties at risk of personal information leaks when retail companies fall victim to an attack.
Financial Industry
The financial sector was the hardest-hit industry in early 2025, with a total of 387 reported compromises by the end of the first half of the year. Banks, investment firms, and financial technology (“fintech”) companies suffered major consumer and industry information leaks. Account takeovers, money laundering, and breaches affecting consumer financial information have all rocked the financial services industry, leading to data leaks at Coinbase, Ripple, and Western Alliance Bank.
Government Sector
Government entities are common targets of hackers seeking to prove their ability to bypass high-level cybersecurity measures in violation of federal data breach laws. In 2025, local, state, and federal governments all fell victim to data breaches.
The most notable breaches were the multiple attacks the U.S. Treasury revealed had taken place from 2020 to 2025, indicating serious cybersecurity problems potentially exacerbated by a lack of cybersecurity professionals. Information at the National Nuclear Security Administration was also the target of a broader hack of Microsoft SharePoint on July 18, 2025.
Education Industry
The educational industry has been a ripe target for cybercriminals throughout 2025. Universities, K-12 school systems, and educational technology platforms have all suffered data breaches targeting personal student data, research information, and security gaps.
Ransomware attacks were a particular risk for education providers in the first half of 2025, jumping 23% compared to 2024. The software platform PowerSchool suffered the largest recorded data leak so far this year, affecting 71.9 million victims. Other major breaches in the education sector have included a leak of New York University’s applicant database, affecting 3 million people who had applied to the school since 1989.
Technology and IT Sector
The technology and IT sector, including software companies, cloud services, and IT service providers, are frequent targets for hackers due to the large amount of digital information and extensive access to technological devices available in the industry.
While tech and IT companies often invest substantially in cybersecurity measures, they can still fall victim to sophisticated hacking techniques, including supply chain attacks and zero-day vulnerability breaches. Major tech breaches can have wide-ranging effects on clients in other industries that use tech companies as third-party vendors, such as in the massive leaks of information through the Microsoft SharePoint and PowerSchool attacks.
The Impact of Data Breaches on Businesses and Consumers in 2025
Data breaches have major consequences for both businesses and consumers, including financial impacts, reputational damage, legal consequences, and consumer trust. As of 2024, the average cost of a data breach for an American company was $9.36 million, while the global average cost amounted to $4.88 million. The staggering price tag of a cyberattack means it’s more important than ever for businesses to take action to protect corporate and consumer data.
Take Action and Protect Your Data
If you believe you’ve been the victim of a data breach, don’t wait to fight for justice. You may be eligible to start a class action lawsuit or join an existing suit for customers whose data was affected. The class action data breach lawyers at Class Action U are ready to help you protect your data and seek the compensation you deserve. Contact us online today to take action.
"*" indicates required fields
