If you’ve lived in the US for the past 18 years, your personal data has been illegally accessed on an average of seven different occasions, according to a new report.
In addition, American internet accounts have been breached so often that the country’s population makes up about 15% of all affected users around the globe. The report, out from VPN service SurfShark, has plenty of additional insights.
That said, shoring up the basics of internet security — like refraining from reusing passwords or staying on secured connections — can go a long way, even if it won’t rewind several decades of breaches.
14.9 Billion Accounts Breached Since 2004
The United States is at the top of the list of countries with the highest amount of breached online accounts in the past 18 years, with over 2.29 billion breaches in total, which adds up to 694 breached accounts per 100 residents, or 6.94 per person.
That’s not a great number, but depending on how you count the breaches, one other country actually has it worse. Russia only has 2.17 billion breaches in the same time frame as the US’s 2.29 billion, but that adds up to far more per 100 people — 1,489 breaches, more than double the US’s 694.
China, Germany, and France are numbers three, four, and five on the list, respectively, though none of them crack one billion breaches since 2004.
What’s Being Lost?
Different types of breaches can be more severe, as a greater number of different data points could be copied, viewed, or stolen:
“American and Russian accounts are exposed to cyber risks the most,” Surfshark sums up its report. “The U.S. ranks 1st according to the number of data points leaked per capita, where a single person has lost 27 data points on average to breaches since 2004. Russia comes second with 23 data points per person. Australia ranks third with 13 data points per capita.”
Overall, a whopping 48.6 billion data points have been exposed in the years tracked, with each email address being leaked with an average of 2.3 additional data points.
Across North America, that number rises to 3.7 data points, although the number of passwords leaked per 100 breached accounts drops to 72, down from a global average of 90.
Are Breaches on the Rise?
Surfshark’s report covers the past 12 months of data breaches in detail as well, and that information may be more relevant to the average person. After all, you can’t do much about preventing that data breach in 2005 when you leaked your email password trying to get early access to Star Wars: Revenge of the Sith.
But just since 2021, breach rates have ticked up. They’ve risen by 6.7% in the first quarter of 2022, compared to the fourth quarter of last year. At Surfshark’s last count, we were suffering 324 breaches per minute across the globe.
In the first quarter of the year, Russia fared far worse than the US, with over 25 million breaches compared to the US’s slightly over one million.
Staying Safe Online in 2022
Russia announced in September 2021 that it was banning six popular VPN services, including stalwarts like NordVPN, Express VPN, and IPVanish, and then added another six VPNs to the ban list in December.
Given that timing, it’s easy to draw a connection between VPN use and cutting down on data breaches. If you’re interested, our research team has tested all the top VPNs to figure out which ones are fast, easy to use, and trustworthy. Still, the rise in Russian data breaches this year can’t actually be explained that easily: Residents of the country have sharply increased their VPN use overall in 2022.
In the end, password managers might be the top solution. They’ll allow any user to securely store and access new passwords for any account they need, ensuring that they won’t be tempted to reuse passwords.
And the best management tools for passwords can even auto-generate the most secure passwords, to keep users from relying the world’s worst option, “123456.”
If you click on, sign up to a service through, or make a purchase through the links on our site, or use our quotes tool to receive custom pricing for your business needs, we may earn a referral fee from the supplier(s) of the technology you’re interested in. This helps Tech.co to provide free information and reviews, and carries no additional cost to you. Most importantly, it doesn’t affect our editorial impartiality. Ratings and rankings on Tech.co cannot be bought. Our reviews are based on objective research analysis. Rare exceptions to this will be marked clearly as a ‘sponsored’ table column, or explained by a full advertising disclosure on the page, in place of this one. Click to return to top of page