Skip to main content

The state with the most data breaches is…

Magnifying glass with word "fraud"
New analysis reveals the worst states for online fraud.

New data indicates where, and how, criminals are successfully committing online fraud.

According to analysis of June 2022 FBI Internet Crime Complaint Center (IC3) data from Forbes Advisor, California is the worst state for data breaches in America, with 325,291 victims from 2017 – 2021. These victims have collectively lost over $3.7 billion from cybercrimes.

In second position is Texas, with a total 179,217 data breach victims from 2017 to 2021. The overall loss equals over $1.8 billion. New York ranks third, with a total of 141,170 data breach victims over the last five years, with collective financial loss of $1.77 billion.

Florida comes in fourth, with 198,930 people affected by a 2017-2021 data breach and a loss of over $1.7 billion; while Ohio rounds out the top five with 64,926 data breach victims and a loss of almost $777 million.

Other notable findings include:

  • The most expensive type of data breach in the U.S. is having a business or personal email account compromised, with financial losses of over $7.5 billion.
  • Non-payment or non-delivery is the most common type of data breach in the U.S.,with 361,972 cases over the last five years. It is also the fourth-most-expensive data breach in the U.S., with a financial loss of over $950 million. Non-payment or non-delivery is when a seller doesn’t get paid if they ship an item, or a buyer doesn’t get an item they paid for. Non-payment or non-delivery was the most reported cybercrime in the U.S. in 2020, with California being the most affected state with 13,151 data breaches that year.
  • Over the last five years, data breaches have affected over two million people in America, resulting in losses of over $20 billion.
  • The most expensive type of data breach in the U.S. over the last five years has been business email compromise and email account compromises (BEC/EAC). In a BEC/EAC scam, criminals will send an email that appears to be from a known source, making a legitimate request, such as being asked by the CEO to purchase gift cards to distribute to employees. There were 94,620 data breach victims in total, with a total financial loss of $over $7.5 billion.

To see the full Forbes Advisor dataset, which shows the individual results for 50 American states and individual results for each type of data breach, click here

“All told, there is no single solution when it comes to protecting your data,” said Rob Watts, business editor at Forbes Advisor.True protection comes from a combination of the right software tools, building your knowledge on cyberthreats and establishing safe practices with your online activity. Many data breaches come as a result of human error, so it's important to educate yourself in order to spot and counter threats"

Online fraud jumps in April

Other data sources indicate online fraud activity is on the rise. According to the April 2022 E-commerce Pulse from fraud prevention solution provider Signifyd, fraud pressure, an indicator by Signifyd of orders presumed to be fraudulent, rose 46% overall in April.

This figure was down from March 2022, but still ahead of April 2021. Signifyd recorded an especially steep year-over-year increase in attempted attacks on aged online accounts, which spiked 352% in April from the year prior. Fraudulent attempts to buy electronic products from aged accounts saw an even higher 401% increase.

This ad will auto-close in 10 seconds