Data Breaches and Cyber Attacks – USA Report 2024

6,845,908,997 known records breached in 2,741 publicly disclosed incidents

Welcome to an overview of the biggest security incidents in the USA in November 2023 – April 2024, the sectors most frequently breached in 2024, month-on-month trends in the USA, links to our monthly reports, and much more.

Use the links in the ‘On this page’ section below to navigate. To download our monthly Data Breach Dashboards, click here. For our research methodology, click here.

To get our latest research and news delivered straight to your inbox, subscribe to our free weekly newsletter, the Security Spotlight.

IT Governance USA is dedicated to helping organizations address the threat of cyber crime and mitigate its risks. We offer various resources to help you understand and protect yourself from threats, ranging from training courses and professional consultancy to free green papers, webinars, and other resources.



Top U.S. data breach statistics

Top 10 biggest breaches in the USA

Note: Where ‘around,’ ‘about,’ etc. is reported, we record the rounded number. Where ‘more than,’ ‘at least,’ etc. is reported, we record the rounded number plus one. Where ‘up to,’ etc. is reported, we record the rounded number minus one.

Most breached sectors of 2024 in the USA

Note: To make these statistics as informative as possible, the percentages exclude the ‘multiple,’ ‘other,’ and ‘unknown’ sectors. In line with that, we’ve not listed ‘multiple,’ which technically disclosed most incidents (916, due to the misconfigured Google Firebase websites of March 2024).


Note 1: The following graphs reflect our most up-to-date data – in other words, they account for data corrections when more information about certain incidents comes to light after we publish our monthly reports. There may therefore be discrepancies with our monthly reports, particularly older ones.

Note 2: To avoid skewing the data, for the global figures, the following graphs exclude three outlier events: the Europol action in December 2023, affecting 443 organizations; the MOAB in January 2024, affecting 3,876 organizations; and the thousands of exposed Ray servers in March 2024.

Known records breached

Publicly disclosed security incidents

Data breached

Note 1: These exclude publicly disclosed incidents where we don’t know for sure whether data was breached, or where a cyber attack only led to e.g. a service disruption but not a data breach.

Note 2: This graph excludes the 916 misconfigured Google Firebase websites of March 2024 from both the USA and global data, to avoid skewing it.

Remedial action

Note: This graph excludes the 916 misconfigured Google Firebase websites of March 2024 from both the USA and global data, to avoid skewing it.

Regulator notification/involvement

Note: This graph excludes the 916 misconfigured Google Firebase websites of March 2024 from both the USA and global data, to avoid skewing it.

Individual notification

Note: This graph excludes the 916 misconfigured Google Firebase websites of March 2024 from both the USA and global data, to avoid skewing it.

Ransomware attacks

Note: This graph excludes the 916 misconfigured Google Firebase websites of March 2024 from both the USA and global data, to avoid skewing it.

Supply chain attacks

Note: This graph excludes the 916 misconfigured Google Firebase websites of March 2024 from both the USA and global data, to avoid skewing it.


The top 3 biggest breaches in the USA in April 2024


The top 3 biggest breaches in the USA in March 2024


The top 3 biggest breaches in the USA in February 2024


The top 3 biggest breaches in the USA in January 2024


The top 3 biggest breaches in the USA in December 2023


The top 3 biggest breaches in the USA in November 2023


Suffered an incident?

Get FREE expert insight from Vanessa Horton, our cyber incident responder, into:

  • Cyber defense in depth, with prevention, detection, and response
  • Common misconceptions and errors around incident response
  • The different stages of incident response
  • Digital forensics and root-cause analysis
  • Cyber incident response planning
  • Staff training
  • Much more

Security Spotlight

To get news of the latest data breaches and cyber attacks straight to your inbox, subscribe to our weekly newsletter: the Security Spotlight.

Every Tuesday, you’ll get a short email with:

  • Our latest research and news
  • Free useful resources
  • Upcoming webinars
  • Other ways we can help