30+ Concerning Cybercrime Statistics [2026]: The Cost, Trends + Facts

Research Summary: When envisioning a large-scale robbery, many might picture a group of masked criminals storming a bank. However, the reality is that cybercrime has resulted in over $8 trillion in losses globally as of 2022, highlighting the significant and often unseen threat it poses.

Cybercrime’s stealthy nature allows hackers to operate undetected while stealing sensitive information, leaving no individual or organization safe from its reach.

To better understand the escalating issue of cybercrime, we’ve compiled a comprehensive collection of statistics. Our research reveals:

23% of Americans (almost one in four) have fallen victim to cybercrime.
54% of companies have faced a cyberattack in the past year.
The average cost of a data breach stands at $4.35 million as of 2022.
88% of professional hackers can breach an organization in less than 12 hours.

General Cybercrime Statistics

Understanding the prevalence of cybercrime requires a look at some essential facts about its current state:

A new cybercrime victim emerges every 37 seconds.

In the time it takes to read this article, an estimated eight individuals will have fallen victim to cybercrime. Ransomware attacks are even more frequent, occurring approximately every 11 seconds.
86.2% of organizations have experienced a successful cyberattack.

In contrast, only 61.9% of organizations faced successful cyberattacks in 2014. This upward trend has been consistent for several years.

Year Share of organizations hit by a successful cyber attack

2014 61.9%

2015 70.5%

2016 75.6%

2017 79.2%

2018 77.2%

2019 78.0%

2020 80.7%

2021 86.2%
Cybercrime cost the US $6.9 billion in 2021 alone.

By 2022, the average cost of a data breach in the US rose to $9.44 million, significantly higher than the global average, indicating that numerous breaches are affecting organizations across the country each year.
Global cybercrime costs reached an estimated $8.44 trillion in 2022.

This figure is projected to soar, with estimates suggesting it will hit $23.84 trillion by 2027.

Year Annual cost of cybercrime

2018 $860B

2019 $1.16T

2020 $2.95T

2021 $5.99T

2022 $8.44T

2023* $11.50T

2024* $14.57T

2025* $17.65T

2026* $20.74T

2027* $23.82T
Global annual spending on cybersecurity reached $150 billion in 2021.

This marked a 12.4% increase from the previous year and is expected to rise as cybercrime continues to escalate.

Year	Share of organizations hit by a successful cyber attack
2014	61.9%
2015	70.5%
2016	75.6%
2017	79.2%
2018	77.2%
2019	78.0%
2020	80.7%
2021	86.2%

Year	Annual cost of cybercrime
2018	$860B
2019	$1.16T
2020	$2.95T
2021	$5.99T
2022	$8.44T
2023*	$11.50T
2024*	$14.57T
2025*	$17.65T
2026*	$20.74T
2027*	$23.82T

Types of Cybercrime

Cybercrime manifests in various forms, from phishing emails to advanced hacking techniques. Here are some significant examples:

323,972 US internet users fell victim to phishing attacks in 2021.

Shockingly, 1.5 million new phishing websites are created every month, complicating efforts for users to avoid scams. Other prevalent cybercrimes include non-payment/non-delivery (82,478), personal data breaches (51,829), identity theft (51,629), and extortion (39,360).

Type of cybercrime	Number of reported crimes (2021)
Phishing attacks	323,972
Non-payment/non-delivery	82,478
Personal data breach	51,829
Identity theft	51,629
Extortion	39,360
Confidence/romance fraud	24,299
Tech support	23,903
Investment	20,561
BEC/EAC	19,954
Spoofing	18,522

Business email compromises are the most financially damaging form of cybercrime, costing $2.396 billion in 2021.

Other costly cybercrimes include investment fraud ($1.456 billion), confidence/romance fraud ($956 million), personal data breaches ($517 million), and real estate/rental fraud ($350 million).

Types of cybercrime	Annual cost (2021)
Business email compromises	$2.396B
Investment	$1.456B
Confidence/romance fraud	$956M
Personal data breach	$517M
Real estate/rental	$350M
Tech support	$348M
Non-payment/non-delivery	$337M
Credit card fraud	$173M
Corporate data breach	$152M
Government impersonation	$143M

Organized crime is responsible for 51% of data breaches.

While organized criminals account for just over half of data breaches, they are responsible for up to 85% of all stolen data.

The Cost of Cybercrime on Business

The impact of cybercrime extends beyond financial losses; these attacks can cripple small businesses and bankrupt larger corporations, jeopardizing countless livelihoods. Key facts include:

46% of cybercrime breaches affect businesses with fewer than 1,000 employees.

Small and medium-sized businesses (SMBs) are particularly vulnerable, with 61% targeted in 2021.
60% of small businesses shut down within six months following a cyberattack.

This alarming statistic underscores the severity of cybercrime’s impact on small enterprises.
The average cost of a data breach increased by 2.6% from 2021 to 2022.

In 2022, the average cost of a data breach was $4.35 million, reflecting a continuous upward trend.
51% of small businesses lack any cybersecurity measures.

Despite the threat, 36% of small businesses report being “not at all concerned” about cyberattacks, making them prime targets for hackers.

The Cam4 data breach of March 2020 exposed over 10.88 billion records.

This breach is the largest on record, joining other significant breaches in the past decade:

Data breach	Number of exposed records
Cam4 (Mar 2020)	10.88B
Yahoo (2017)	3.00B
Aadhaar (Mar 2018)	1.10B
First American Financial Corporation (May 2019)	885M
Verifications.io (Feb 2019)	763M
LinkedIn (Jun 2021)	700M
Facebook (Apr 2019)	533M
Yahoo (2014)	500M
Satwood (Nov 2018)	500M
Adult Friend Finder (Oct 2016)	412M

It takes an average of 207 days for businesses to detect a data breach.

While the average time to contain a breach is 70 days, the total lifecycle of a data breach averages 277 days.

Cybercrime Victim Statistics

Cybercrime not only impacts organizations but also individuals significantly. Here are some critical statistics regarding victims:

Identity theft resulted in $3.3 billion in fraud in 2021.

This represents an 83% increase from 2019 when identity theft accounted for $1.8 billion in fraud.
5.7 million individuals in the US were victims of identity theft and fraud in 2021.

Annually, between 7%-10% of US citizens fall victim to identity fraud, with 21% of these individuals being repeat victims.
75% of Americans are concerned about hackers stealing their personal information.

Cybercrime is a significant worry for most Americans, with 73% being particularly concerned about identity theft, ranking higher than concerns about car theft, burglary, or mugging.

Cybercrime Over Time

Cybercrime has escalated over the years, especially as more individuals and businesses transitioned online. Here are some notable trends:

Year	Data compromises	Number of records exposed	Individuals impacted
2013	614	91.98M
2014	783	85.61M
2015	785	169.10M	318.28M
2016	1,099	36.60M	2.541B
2017	1,506	198.00M	1.825B
2018	1,175	471.23M	2.227B
2019	1,279	164.68M	883.56M
2020	1,108		310.12M
2021	1,862		298.08M

2018 saw 471.23 million records exposed.

This year recorded the highest number of exposed records, with 2017 having only 198 million, representing only 47% of 2018’s total.
Data compromises peaked at 1,862 in 2021.

This figure surpassed previous years, with 2017 (1,506) and 2019 (1,279) also showing high numbers. The trend for data compromises generally decreases as we look further back, with only 157 recorded in 2005.

cybercrime data compromises over time

2.541 billion individuals were impacted by data breaches in 2016.

Despite only 36.6 million records being exposed that year, a staggering number of individuals were affected, with 2.227 billion also impacted in 2018.
Ransomware attacks surged by 62% from 2020 to 2021.

The average ransom payment also increased by 82% during this period, indicating a troubling trend in cybercrime.
An estimated 33 billion records will be stolen by cybercriminals in 2023.

This marks a 50% increase from the estimated 22 billion records stolen in 2022, underscoring the persistent rise of cybercrime.
Cybercrime is projected to cost $10.5 trillion annually by 2025.

The cost of cybercrime is anticipated to grow at a rate of at least 15% each year, escalating from $3 trillion in 2015 to an estimated $10.5 trillion by 2025.

Cybercrime by Location

The prevalence of cybercrime can vary significantly by location. Here are some noteworthy statistics:

The UK has the highest cybercrime density, with 4,783 victims per 1 million internet users.

While the UK tops the list, the US ranks second with 1,494 victims per 1 million internet users. Other notable countries include Canada (174), Australia (102), and Greece (72).

Country	Victims/1M internet users (2021)	Year-over-year change (2020-2021)
United Kingdom	4,783	+40%
United States	1,494	-13%
Canada	174	+7%
Australia	102	-22%
Greece	72	-75%
South Africa	52	+2%
Netherlands	41	+50%
France	33	+20%
Germany	18	-9%
Mexico	16	+14%

Denmark is the most cyber-safe country out of 75 surveyed.

In Denmark, only 1.33% of mobile devices are infected with malware, and there are no reported cases of mobile banking or ransomware trojans. Other safe countries include Sweden, Ireland, Norway, and Finland.
Nevada has the highest cybercrime rate per capita in the US, with 523 victims per 100,000 people.

Other states with high cybercrime rates include Iowa (297), Alaska (283), Florida (250), and Maryland (245).

State Cybercrime victims/100,000 people (2021)

Nevada 523

Iowa 297

Alaska 283

Florida 250

Maryland 245

Delaware 229

Washington 226

Colorado 214

Indiana 190

Arizona 182

State	Cybercrime victims/100,000 people (2021)
Nevada	523
Iowa	297
Alaska	283
Florida	250
Maryland	245
Delaware	229
Washington	226
Colorado	214
Indiana	190
Arizona	182

Mississippi has the lowest cybercrime rate per capita in the US, with only 83 victims per 100,000 people.

Other states with low cybercrime rates include South Dakota (88), North Dakota (100), West Virginia (106), and Louisiana (109).

State	Cybercrime victims/100,000 people (2021)
Mississippi	83
South Dakota	88
North Dakota	100
West Virginia	106
Louisiana	109
Nebraska	112
South Carolina	114
Ohio	115
North Carolina	117
Alabama	118

Cybercrime FAQ

How many cyber attacks occur daily?

There are over 2,200 cyber attacks every day. This averages out to one attack every 39 seconds, meaning that if you took 10 minutes to read this article, approximately 15 cyber attacks would have occurred.
How rapidly is cybercrime growing?

Cybercrime is expanding at an average annual rate of 15%. This growth can be measured through various metrics, including financial losses and the volume of stolen records.

For instance, cybercrime cost an estimated $3 trillion in 2015, but by 2025, it is projected to cost as much as $10.5 trillion. Additionally, the number of data compromises increased from 157 in 2005 to 1,862 in 2021.
Where does the US rank in cybersecurity?

The US ranks 31st out of 75 countries in cybersecurity. Tajikistan has the weakest cybersecurity (rank 1), while Denmark holds the top spot (rank 75). Factors influencing these rankings include:
- % of mobile devices infected with malware (mobile & non-mobile)
- % of users attacked by banking or ransomware trojans (mobile & non-mobile)
- % of computers infected by at least one malware attack
- % of mobile users attacked via web sources
- % of telnet and SSH-based attacks by originating country (IoT)
- % of attacks by cryptominers
- % of all spam emails by originating country
- % share of countries targeted by malicious mailings
- % of computers attacked by phishing
Despite being just below average in cybersecurity, the US sees the second-highest number of cyber attack victims per capita, at 1,494 per 1 million internet users.
Who is the most frequent victim of cybercrime?

Young women are the most common victims of cybercrime. This trend is twofold, as both women and young people are more likely to experience cybercrime. For example, women are 26% more likely to fall victim, with 54% of those aged 18-24 reporting experiences with cybercrime.

Conversely, 47% of men are victims, with 53% of overall victims being female, while only 33% of those aged 55-64 report experiencing cybercrime.
How often are cybercriminals apprehended?

Cybercriminals are rarely caught. On average, less than 5% of hackers are apprehended, and only 0.3% of all reported cybercrime complaints result in enforcement.

Challenges in policing cybercrime arise from the anonymity that hackers maintain online, and even if identified, many operate from different regions or countries, complicating international law enforcement.

Conclusion

The rise of cybercrime is alarming, with expectations of at least a 15% annual growth rate. Currently, 23% of Americans have experienced cybercrime, while 54% of companies have faced cyberattacks in the last year.

The financial repercussions are severe, with the average data breach costing $4.35 million as of 2022. Such costly breaches lead to 60% of small businesses shutting down within six months of an attack, affecting not just the businesses but also their employees and communities.

Regardless of your location, it is crucial to take proactive steps to safeguard your and your business’s data. Utilizing password managers and enhancing cybersecurity measures are essential steps to mitigate risks and protect against potential threats.

References

Author

Jack Flynn

Jack Flynn is a writer for Zippia. In his professional career he’s written over 100 research papers, articles and blog posts. Some of his most popular published works include his writing about economic terms and research into job classifications. Jack received his BS from Hampshire College.

Create Resume