Security breaches rose by a shocking 156% globally from the first quarter of 2023 to quarter two, according to a report published by VPN service SurfShark on Tuesday. As hacking and security leaks become more prevalent so too does the rate at which the breaches occur.
In total, SurfShark found that 110.8 million accounts were leaked in the second quarter with 855 accounts being leaked per minute. Meanwhile, countries that had been lower on the list, such as Spain, are quickly moving toward the top of the list, with the country going from the fifth spot last quarter to third in Q2.
North America and Europe skyrocketed to the top of the list with Asia bringing up the rear at 5.8 million breached accounts in the second quarter.
The countries’ rankings are not sorted by the number of accounts breached per day, as this would give a false narrative because of the population density in each country. Instead, the report identifies the breach density which focuses on the number of accounts compromised per 1,000 residents. This gives a better idea of the likelihood that more people in that country will be affected.
One such case is Finland, coming in at No. 4 with less than 5,000 accounts breached per day. With a population of 5.5 million people, it’s no wonder Finland comes in ahead of a country like Turkey which suffered more than 30,000 accounts breached but has 84.78 million residents.
This list provides valuable information indicating whether the country should amp up its vigilance and take major security measures, and you may not be surprised at which country comes in at No. 1.
10. Denmark
Breach Density: 29
Accounts Breached Per Day: 1,867
Denmark has amped up its security efforts in recent years as data breaches within the country grew, making it the lowest ranking on the top 10 list. The Danish government introduced the National Strategy for Cyber and Information Security 2022-2024 to educate its residents, businesses, and authorities on how to protect themselves against data breaches and to protect critical government ICT systems.
However, Denmark was still hit by hackers who disrupted access to its central bank and seven private banks in January. The security breach targeted servers using distributed denials of service (DDoS) which allows the hackers to knock them offline, forcing the banks to briefly restrict access to their websites for several hours.
9. Turkey
Breach Density: 32
Accounts Breached Per Day: 30,221
In April, as many as 700,000 TikTok accounts in Turkey were compromised, allowing hackers to access users’ private information and gain control over their accounts. Although TikTok’s parent company ByteDance said it locked down the attack before the hackers could gain access to the app itself, Alex Stamos, director of the Stanford Internet Observatory and former security chief of Facebook told Forbes at the time that it’s uncertain how much information the hackers gleaned or how significant the breach was.
8. South Sudan
Breach Density: 35
Accounts Breached Per Day: 4,234
Hackers issued an ultimatum to the Bank of South Sudan after taking control of the bank’s website in April. The hackers, who call themselves “Anonymous South Sudan” according to Sudans Post, warned the bank it would attack again if the government did not meet their demand to slash the dollar exchange rate from SSP850 to SSP400.
“We know that you have tried to recover but no way and no option the only option is 100 dollars to be 40,000. The website will work normally [and] we give you 144 hours for this to get done,” the hackers said in their message, Sudans Post reported.
Cyber Security Analyst Mike Deng said at the time that the hackers could have accessed sensitive information and “could use it for criminal purposes or political manipulation.” He added, “They could also inspire copycat attacks or trigger a chain reaction of cyber insecurity.”
7. France
Breach Density: 53
Accounts Breached Per Day: 37,853
Aix-Marseille University, one of France’s oldest higher education schools, was hit by a cyberattack in June that was identified as coming “from a foreign country.” The breach was quickly identified when it triggered a security alarm, allowing school officials to take the school’s network offline before it could cause great damage.
The university said in a message on its site that the Digital Department quickly isolated the network, and was instating additional IT security.
6. Sweden
Breach Density: 70
Accounts Breached Per Day: 8,176
The hacking group Anonymous Sudan set its sights on Sweden in May as the country made attempts to join NATO. The group targeted dozens of airports, hospitals, and banks in the country using DDoS attacks. The security breach wreaked havoc on Scandinavian Airlines’ websites, knocking them completely offline and disrupting Sweden’s national public broadcaster.
Mattias Wåhlén, who led an investigation into the hacks for Truesec, one of Sweden’s biggest cybersecurity firms, told Bloomberg at the time that Anonymous Sudan appears to be linked to a well-organized unit of Russians, who he says have a full understanding of local politics and social issues.
Katarzyna Zysk, a professor of international relations at the Norwegian Institute for Defence Studies in Oslo told the outlet, “This strategy of creating chaos is one of the major means Russia has been using against Sweden” to complicate its NATO application.
5. Australia
Breach Density: 72
Accounts Breached Per Day: 20,883
TechnologyOne LTD, the leading company in building financial software for business and government departments was hacked in May, becoming the largest series of cyberattacks in Australia. The company immediately halted its trading and locked down its systems while an investigation was conducted.
Fortunately, TechnologyOne said the platform was not connected to its internal back-office system at the time of the attack which targeted its internal Microsoft 365 system.
4. Finland
Breach Density: 78
Accounts Breached Per Day: 4,742
Finland reported an uptick in cybersecurity attacks since it joined NATO in August of last year. As U.S. President Joe Biden moved to back the country’s admittance into NATO, Finland’s parliament website was hit by a cyberattack which it believed came from Russia.
Parliament was also targeted during a meeting with Ukrainian President Volodymyr Zelenskyy in April 2022.
The country believes it will see an increase in cyberattacks from Russia, prompting Biden to state that adding Finland and Sweden into NATO is “for the greater security of the world.”
3. Spain
Breach Density: 78
Accounts Breached Per Day: 40,933
A cyberattack targeted a major hospital in Barcelona in March, crashing the Hospital Clinic de Barcelona’s computer system and forcing the cancellation of 150 non-urgent operations and upwards of 3,000 patient checkups.
Regional government telecommunications secretary Segi Marcén told AP News at the time that the cyberattack was carried out by a group called Ransom House which cut off the hospital’s access to patient’s records and blocked communication between units.
The group had not asked for a ransom, but the government was adamant that it wouldn’t have paid up.
2. Russia
Breach Density: 106
Accounts Breached Per Day: 167,890
Russia claimed its streaming giant START was hacked last year, quoting the data leak impacted 44 million users. According to the Russian Telegram Channel, the leaked information included usernames, email addresses, passwords, IP addresses, the user’s country of registration, subscription information, and when they last logged in to the service, The Record reported.
The country said financial information was not listed in the database, and START said in a statement to The Record at the time: “The most important information there is the users’ emails and phone numbers.”
1. United States
Breach Density: 147
Accounts Breached Per Day: 547,508
In June, U.S. government agencies were targeted by a global cyber attack believed to be carried out by Russia. The ransomware gang, Clop, was allegedly responsible for the hack which also possibly targeted several hundred companies and organizations across the U.S.
The attack affected the widely used MOVEit software which companies use to transfer files containing sensitive data. CISA Director Jen Easterly told reporters at the time that there weren’t any “significant impacts” on federal civilian agencies as a result of the breach, CNN reported. MOVEit said it quickly moved its Cloud software offline to fix the flaw that had allowed Russian hackers to gain access.