Report Indicates that Americans are the Primary Targets of Cyber Attacks in 2023
Bad actors target social media and other platforms, penetrating and pilfering data from 300 million accounts worldwide in a disastrous year for cybersecurity
Cyberattacks on Americans’ email and other personal accounts are getting markedly worse, and without dramatic upgrades to online security and the disruption of cybercrime networks— many of them state-sponsored— the costliest and deadliest cyberattacks are yet to come, according to a new report on cyber incidents worldwide in 2023.
Of all countries in the world, the United States is home to the highest number of hacked email and other personal accounts. Altogether, 97 million U.S.-based accounts—almost a third of the global total of 300 million—suffered breaches of one kind or another in 2023, compared to 30.9 million American accounts in 2022.
In second place was Russia, with 79 million hacks; followed by France, with 11 million; and Spain and India, with 8 million and 5 million breaches, respectively.
Surfshark’s Findings
These and other data illustrating the scale and severity of the hacking crisis, and the inadequacy of cyber defenses worldwide, are the subject of the new report from Surfshark, a Netherlands-based cybersecurity firm.
The report’s troubling findings highlight the growing aggressiveness of hackers and the continuing exposure of systems and networks on which citizens of all walks of life, in private and government roles, depend from day to day.
Related Stories
Surfshark’s report leaves no doubt that the problem has gotten significantly worse for Americans in recent months and that the United States is something of an outlier in this regard. According to the report, the breach rate in the United States more than doubled in 2023, even as the rate declined 20 percent globally. Hackers are growing more focused and more bent on disrupting U.S. accounts and stealing sensitive data from Americans.
China, from where many of the attacks originated, saw its own position improve somewhat, the report shows. The nation fell from second place on the list of most-breached countries in 2022 to 12th place in 2023.
Attacks by Region
Looking at breached accounts by global region, Europe is home to the highest number overall—116.6 million breaches in 2023, down from 160 million the year before. Adding results from Canada to those from the United States, the report finds that North America follows directly behind Europe, with a total of 101.7 million in 2023, compared with 34.7 million in 2022. Asia experienced 26.3 million breaches, way down from 83.6 million the year before.
South America suffered 6.9 million breaches, down from 17.5 million the year before; Oceania came in fifth with 4.4 million breaches, down from 5 million in 2022; and Africa ended up in last place, with 3 million breaches in 2023, significantly down from the 25 million it suffered the year before.
What may seem like innocuous job-search and social media platforms often turn out to offer abundant opportunities for hackers and other malicious actors, putting the personal data of scores of millions of unsuspecting users at their fingertips. For sophisticated cyber actors, the sites’ security is minimal to nonexistent, and the costs of using them were evident in numerous disastrous incidents in 2023.
The report illustrates how the wide reliance on certain social media platforms, such as LinkedIn, can help explain what may seem the unusually high vulnerability of U.S.-based accounts to cyber breaches, and the high numbers recorded for other countries.
Surfshark describes how the “scraping” of publicly available LinkedIn profile information led to the leaking of nearly 11.5 million emails in 2023. While some may quibble with the inclusion of this incident on semantic grounds, Surfshark ranks it as the biggest data breach in all of 2023.
“Although it was not a data breach per se, the platform facilitated the aggregation of personally identifiable information that could be used for phishing attacks, spam, or brute-force password hacking attempts,” the report states.
A disproportionate number of the leaks in that incident—1.6 million—were American, the report finds, while 1.1 million were French and 700,000 were UK-based.
A breach of the site chess.com again inflicted heavily disproportionate harm on U.S. users. Of the 1.3 million people whose scraped personal data went to hackers, 470,000 were American, 76,000 were French, 75,000 were British, and 66,000 were Indian.
Other major attacks in 2023 affected such Russian platforms as Book24, Gloria Jeans, Chitai-gorod, and SberSpasibo.
The methodology of Surfshark’s report involved aggregating data from 29,000 publicly available databases. Countries with a population under a million people did not figure in the research.
