There were 2,932 publicly reported breaches in the United States throughout 2021, according to research from Risk Based Security and Flashpoint.

The 2021 Year End Report: Data Breach QuickView found that although data breaches worldwide decreased by 5%, numbers in the U.S. lifted by 10% compared to 2020 levels. 

Most targeted data types

In 2021, names and social security numbers were the most targeted forms of personal identifiable information (PII), being compromised in breaches 64% and 41% of the time, respectively. Addresses were the third most compromised known type of PII (29%). 

Cyberattack vectors

Threats from outside of organizations posed a large risk in 2021, with 77% of breaches originating from external threats. However, insider risk also presents a threat to enterprise cybersecurity. Although only 15% of breaches result from internal actions, 63% of internal breaches are accidental, indicating a potential need for further cybersecurity training.

Industry targets

Various sectors suffered data breaches at higher rates in 2021. According to the report, the top five industries targeted by data breaches were:

  1. Healthcare: 583 breaches
  2. Finance and Insurance: 520 breaches
  3. Public Administration: 402 breaches
  4. Information: 389 breaches
  5. Professional/Scientific: 382 breaches

For more information, download the report here.