Shocking Hacking Stats
- 158 Accounts are being hacked every second, 1.79 billion accounts were hacked in 2019 alone
- A 6-digit password can be cracked in 140 seconds, while 4 digit pin can be cracked instantly.
- 48% of the users don’t use two-factor authentication in which 1.3 million accounts got hacked
- 99.9% of the accounts get hacked due to this one single mistake we do
- 1 in 36 phones was hacked in 2018 and 80% of mobile devices got hacked through apps
- 300 billion passwords under risk, every human uses 100 passwords on average
- Americans lose $15 billion every year due to identity thefts
- Hackers looted 1.3$ billion with business email compromise.
- More than 50% of employees in organizations never changed their passwords
- 95% of the attacks & breaches are caused by human errors
- Hackers Sold 0.5M+ Zoom passwords on the dark web.
- Credentials are the target & motto behind hack or data breach
- 540 million Facebook user accounts were exposed in 2019
- 214 million social media accounts exposed,
- 40% of the people deleted their social media accounts to protect themselves
- 30% of US users open phishing emails and 12% will actually click the links in it
- 43% of UK business are breached in the past 1 year
- More than 24000 mobiles are blocked every day in 2019
- Android’s are the most targeted platform, 60% of the frauds initiate from mobile devices
- Third-party sites are the malware hideouts and every second phone call is a scam
- For every 13.2 seconds, an organization falls for a ransomware attack, and attacks are likely to grow 5 times.
World Wide Web turning everyone into a digital world more likely a 💻Cyber world, No wonder that “Your Account can be Hacked!”. Do you know how many accounts are getting hacked? While the trend is attracted to social media platforms so criminals get the data of users through various means (Phishing, Malware, Identity Theft, What not!).
Here are some of the 😲shocking hacking stats that prove “Security is what everyone is looking for” in 2024. Though most of the hacks or attacks happen due to human errors (lack of security features or no proper care).
Meanwhile, CyberSecurity experts say spending on CyberSecurity can rise to $10 billion by 2027.
Some More Shocking Hacking Statistics
Hackers are all around the world with preying eyes to steal your identity and data. Either is through phishing or hacking your accounts. Weak passwords or no security authentications are healthy signs that your account will be hacked. Here are the quite shocking hacking statistics occurred so far…
1. Number of Accounts get Hacked in a Day
As per Google, study reports show that 52% of users are using the same password on multiple sites. 15% of the people admitted that they are using the same password on different sites. This results in massive account hacks of 2.5 billion in 2018, roughly 6.8 million accounts every day i.e 158 accounts every second.
But now people started realizing after attacks, changing their passwords frequently. So, there is no precise figure of how many accounts were hacked in a day in 2023. But it’s estimated that around 2242 accounts are being hacked every day, as per reports. On rounding up these numbers, there will be 0.8M+ accounts hacked every year.
🎯Tip: Don’t use the same password for every website and keep in mind that doesn’t include or use a master password.
2. A 6 Digit Password Can be Cracked within 140 Seconds
Many researchers say a 6-digit password is a very dangerous password (very weak) that can be cracked in 9 hours. If hackers use a powerful computer that can take down 30 passwords/per second. But most users like you & me will make mistakes in creating consecutive characters as digits. Which can be cracked within 2 minutes, by combining a powerful GPU & CPU.
Research says a typical password should be 8 characters long (includes lower case, upper case, special characters, numbers, etc). I know it’s hard to remember such combinations, try our Password Generator (Memorable passwords). A medium-length password with 12 digits will keep the attackers busy for 34,000 years. No one will spend that much time getting your data.
3. 99.9% of Accounts are compromised for this reason
Source: Windows Central
A Microsoft vulnerability survey shows that more than 1.2 million Microsoft accounts are comprised. The reason behind this is a very common mistake that users made “Not Using Multi-Factor Authentication“. While the attackers are commonly using the Spraying💦 technique to get your username and password (which works like a brute force to get your details)
Also, 60% of the users reuse passwords which leads to these attacks. 97% of the attacks are password replay attacks that intervene in your data packets to get your credentials from the most commonly searched sites. This is why we 🤗advise you to not use the same password for all your logins and turn on two-step verification.
In this way, there will be very less that your credentials got stolen and with two-step verification, you will be always notified when someone tries to login into your account. This reduces the risk of your account being hacked by 50%.
4. 130% Raise in Phishing Websites
Source: Google Transparency Report
As per the Google transparency reports, Cyberworld saw a rapid spike in malicious websites and phishing sites. It’s reported that more than 584000 sites are stealing users’ credentials in just 2017 while it’s increased to 1.35 million this year which is a 130% increase.
While 96% of the attacks happen through email, as per Symantec research 1 in every 4200 emails results in phishing. Attackers are targeting the most active groups to forward these phishing site links to infect devices. As you can see that phishing attacks happen due to several reasons why email attacks are more.
But now the attacks are storm seems to be suppressed due to awareness in the internet users. Also, google is continuously delisting malware & phishing sites from the web so you can take a breath.
5. 300 billion passwords need protection (2020)
Source: Cybersecurity Ventures
Passwords are the🔑keys to all your personal data & secrets, with the increasingly rapid increase in digital content (96 zettabytes by 2020). Choosing a weak password will make you more vulnerable to Cybercrime. Also, it’s proven that human negligence is what affects security and results in being hacked.
As per the Cybersecurity reports, more than 300 billion passwords are at risk and there are 3 billion user credentials & passwords stolen in 2016, i.e 8 million passwords every day (95 passwords/ day). Experts say, through these thefts, there is more than $6 trillion in cybercrime damage occurred. Though the damage incurred due to several reasons, IoT plays a major role in it.
You will be surprised on hearing 2200+ cyberattacks happen every day, while new software bugs are the backdoors for the attackers to get into the device and get what they want. So think about your password again before you choose it to be memorable.
🎯Tip: Don’t choose weak passwords like 123456 which can be cracked within seconds, which leaves you vulnerable.
6. 47% of Home Cameras are Vulnerable
IoT devices are commonly seen in most houses and there were 10 IoT devices in a home as per the findstack statistics. Though this number continues to grow to make life easier, it can be quickly hacked (child’s play). At least this is very true for the cameras which are connected to the internet.
A vulnerability (entry) for some model IP cameras is found i.e other models be hacked as well. In doing so, hackers spy on you always (live stream everything). People who are running their cameras on the default credentials faced these hacks.
It’s not only the 📹cameras, every IoT device has vulnerabilities that make it easy for hackers to get into your network. While the security firms predicted that more than 5 devices on average are being attacked per day, especially at night times (sleeping time & not much attention).
As per IoT analytics, the whole world spent $128.9 billion in total only in 2020. Think once, about how these appliances are becoming puppets of attackers.
7. Every 1 in 36 mobile phones is at risk
Mobile usage is very 🔥high these days, people are installing apps unconsciously & getting affected. A user spends an average time of 6.9 hours on a smartphone as per livemint statistics, taking this as advantage attackers are using some malicious applications to enter into your device.
While Symantec blocked tons of malicious applications with an average of 10k+ every day in 2018. Most of the attacks are seen in the US only, there is no wonder it is a global outrage. When we analyze the malware statistics, the number of mobiles hacked is increased by 2/3 in just a year.
So every mobile device out of 36 is at high risk, third-party app websites are the hideouts for this malware in 2018. This isn’t the only thing, clicking on malicious links & opening spammy emails which also inject malware into your device. So, always be careful about downloading anything from third-party sources.
8. Hackers looted $1.3 billion by Compromising Email Business
While the cost of Cybercrime is very high with breaches & identity thefts, the most profitable cybercrime on earth is Business email compromise. This happens when hackers take down a corporate email account and wipe out the company’s bank accounts. This type of hack earned them 1.3$ billion (it’s just a fraction of the loss).
Compositing a business email is very easy if hackers take down one or spoof it. Whether it’s your personal data or corporate data, it’s more valuable they can sell it on the deep web or can blackmail the company itself. Through this hackers are filling their pockets👛 with $117 million every year. Also, they will earn from stealing the identities of any individual which in summing up reached $100 million.
It’s not only the corporate emails, most of the accounts or cybercrime happen through email phishing. So, enable multi-factor authentication for your email and make sure that is no suspicious activity found.
9. Compromised passwords cost SMBs $0.3M per Attack
Source: Ponemon Institute and Keeper Security
68% of employee passwords are stolen in 2019, and they mention the attack happens due to weak passwords making this one of the biggest causes of hacking issues. The Keeper Security claims that each password compromise causes $384,598 per attack.
While they paused the accounts 38% of the employees uses the same password in all internal systems. Now, 50% of companies require employees to use strong passwords, and 50% of the other brands don’t have employee password usage policies.
In some cases, it’s not only the passwords but it can also be your phone number or email which sucks all your personal information and cause you more damage as an individual.
10. White Hat Hackers become billionaires
Not all hackers are criminals to steal or theft your information, There are some hackers called White Hat Hackers who are always on the bounty for vulnerabilities & data breaches in business, As per the Digit sources 2018, white hat hackers earned $11 million in bounties.
There are many white hat hackers on HackerOne who earned $40 million in just one year, as the rise of Cyberattacks their need is more in finding vulnerabilities. One hacker earned $40 million by just finding a bug in the software (which is the backdoor).
It’s not an 💦easy job as you think it is, white hat hackers are joining hands with companies to prevent large-scale hacks & data breaches. But the attacks are still incurring & continuing in new ways.
11. Hackers Sold 0.5M Zoom passwords on the dark web
Cybercriminals will take advantage of every vulnerability to make 💰money from it, while this is true always and witnessed again in 2020. Hackers started sending COVID spoofing emails to hack personal and business accounts.
As per the Forbes reports that hackers sold over 0.5 M Zoom passwords on the dark web, most of the data are usernames and passwords (personal information). While some of the data is cashed and some is available for free. Insight threat intelligence says that zoom credentials are found over several databases.
As zoom is hitting more users every day due to work-from-home scenarios, hackers use 🛠automated attacks to hack millions of zoom accounts. Though the passwords are aged still people are using the same. All the stolen passwords are not only from the breach of zoom itself but from the collection of stolen & recycled passwords.
12. Credentials are the motive of hacking or data breach.
Verizon reports say that attackers are looking for credentials in data always. Most of the data include your personal information, number, etc. Here you can see a clear view of what Cybercriminals are looking for like bank details, medical details along all others.
IBM reports also say that credentials are the feeds for attackers, 61% of the breaches are after the most common information about the user and 39% of them are after personal data. There are various ways to get your credentials like Basic web application attacks (ransomware, Magecart-like attacks, system intrusion) which include compromised credentials in almost 80% of the breaches.
Credential stuffing & stealing are haunting most organizations. Sharing screen is the most commonly used technique to trap user credentials and get their personal data.
13. 50 Million Facebook accounts hacked in 2018
While Facebook always faces security threats every day, a network attack on its server in 2018 leaked 50 million users’ personal information. It’s one that couldn’t be imagined over again (attackers exploited Facebook code to gain user access).
Though they speculated the information as “Government entering into the social network” weakened our security system. But they accepted that there were three flaws in their security system which welcomed hackers in.
But the Facebook management team claims that none of the breached information is sold on the dark web or any marketplaces or third-party apps. Also, there are several common Facebook scams that happen every day try to avoid them as much as possible to be safe.
14. 214 Million Social Media accounts exposed in 2024
There were more than 318 million records exposed in the year 2021 with which 214 million user data is exposed as per the Cybersecurity magazine reports. All this huge damage is incurred with a small misconfiguration in the database and all the leaked data isn’t encrypted. Anyone can openly see the entire data within it.
While the exposed data consist of personal information, account details, phone number, email address, etc. Many web scrappers collected this information and utilized it across various platforms since scraping isn’t illegal on the web. But scraping on social media accounts is considered a violation (Facebook & Instagram).
Previously in 2020 235 million social media profiles like Instagram. TikTok and YouTube are leaked, this is considered a massive leak in centuries. While the research says it wasn’t secured properly.
15. 30% of the US users open phishing emails & 12% will click on the link in it.
Keeping the rise of phishing sites & emails aside, a cybersecurity survey shows that 30% of the US people open the spam email they receive and 12% of them will click on the links on it and open them. Attackers sense the user’s weakness over a period and trigger them with these emails.
Never ever open or click on any spam or phishing emails even if it says “Emergency, Urgent, Won Lottery, Prize Money, etc”. 87% of IT managers upload business files on personal email or cloud storage. These managers will put the company at risk without knowing the security.
Phishing emails are responsible for 91% of the cyber attacks, hackers targetted 5 out of 6 large companies (the attack rate is increased to 40%).
16. 43% of UK businesses are breached in the last 12 months
In recent times, 4 in every 10 organizations have been hacked irrespective of the company size. Surprisingly they attacked staff member devices to gain access to the corporate data. While the organizations seem to have a low incident response rate so the average branch goes 120 days before they realize.
In 2017, breach it was seen that 61% of the data breach victims targeted companies with fewer employees. This doesn’t mean that Cybercriminals always attack small companies, but they prefer over it by vulnerability scale.
So, it’s informed that any business either small or large should have some cybersecurity to defend against these attacks even in near future.
17. 24000 Mobiles apps are blocked every day in 2019
Though it sounds terrible, it’s fact that attackers invaded the app store full of malicious applications. But, everyone knows the apple security system and they have their own app store (under control). They managed to block more than 24000 applications every day rigorously in 2019 while android users are facing a fever of malicious applications.
But the android community is huge and well improved with security measures now. It’s always harmful to download applications from unauthorized third-party sites, doing so you will be asked for approval (security measure). This won’t be the case with iPhone devices.
18. A Human uses 100 passwords on average
Studies show that an active social & digital platform user will use 100 passwords on average in 2023, whereas regular users range from 70-80. Remembering all the passwords isn’t possible at all, 9% of all digital users use the same password for all of their accounts, this is why we give multiple failed login attempts or keep the password simple (easily memorable) which leads to cyber attacks.
19. 99.99% Of the Accounts got hacked with this one single mistake we do
Source: Window Central
in 2023 Q1 more than 1.2 million Microsoft accounts were compromised and after surveying, the company came to know that all these accounts don’t have multi-factor authentication. Password spraying is the most common method used to hack accounts which uses easy-to-memorize passwords against the username to get the job done.
Even if your password is a little complicated, using people’s search sites, they will get your password by any means i.e you are not safe online. Also, millions of Microsoft accounts are said to be impacted due to email data breaches.
20. There is a shortage of 3 million CyberSecurity Specialists
Source: World Economy Forum
As per the World Economy Firms reports, there is a shortage of CyberSecurity professionals compared to the digital transformation rate which is why many firms & businesses lack security. But to be a sustained world and to tackle cyber attacks at least the businesses need to be provided with the Cyber Security automated & risk-management tools free of cost.
21. Cybercriminals may hack more than 33 billion accounts in 2023
Source; Norton Security
Analyzing the current trend of cyber criminals and security resources it’s predicted that more than 33 billion accounts can be hacked by 2023. As 60 million American identity thefts resulted in a $ 15 billion loss in 2017 and the number of identity theft counts is still 🔥rising.
By 2023, cybercriminals can steal 33 billion accounts though it sounds terrific but achievable.
22. 540 Million Facebook Accounts were exposed in 2019
A third-party Facebook App developer exposed 540 million user accounts on the AWS server, but there is no clear evidence whether it’s due to the platform’s vulnerability or users’ ignorance of security. And the fact is if the company doesn’t provide any security over the sensitive data on the servers it will take years to register the problem as a cyber crime breach and at least 200 days for the company to know their data is under breach.
23. 62% of the CyberSecurity teams are short-staffed
It’s commonly observed that around 62% of the organization’s cybersecurity teams are short-staffed (don’t have enough employees). Despite knowing the cyber attacks outside, this short-staff issue still persists in most organizations. Upon surveying the organizations it was found that only 15% of the organizations agreed with this statement.
24. 53% of Adults don’t know how to stay protected online
Many adults around the world are afraid of cyber & online attacks rather than physical ones and 53% of them don’t even know how to protect themselves from online crimes.
While 46% of US adults don’t even know what to do if their identity was stolen. This is a perfect sign that signifies a lack of online & digital security awareness.
25. 87% of U.S. citizens who use the public internet are not aware of the risk
Almost all the use people will connect to public Wi-Fi which is available in cafes, railway stations, airports, etc. But these are not safe. Using public wifi isn’t safe at all as the operator can know what you are doing (No privacy) and it’s known that every public wifi can be hacked quickly.
26. Only 13% of people use VPN to protect online privacy
While 93% of online users are concerned about their privacy, only 13% of them use VPN to protect their online privacy. The rest of the users might think that using a VPN is complicated, but it’s not and others use VPN to unblock streaming services either they might don’t know a VPN will protect their privacy (*Not only unblocking geoblocked content).
27. More than 40% of people think their information isn’t valuable to users
Do you ever felt the same? Many people actually don’t care about their information as they think it isn’t worthy of hackers. This is the reason for the 📈rise of cyber-attacks & hacks, this mindset needs to be changed. Probably your information might not be valuable to hackers, but it’s valuable for the person who the hacker sells.
28. PlayStore removes apps with 20M+ downloads
Google removed many apps from its play store through they had millions of downloads as these apps are harmful to mobile devices some of which drain the mobile battery, and mobile data and some secretly steal user information through permissions.
29 40% of people deleted their social media accounts
Due to privacy threats and hackers, more than 40% of users deleted their social media accounts to be safe online. In recent times, there is a huge propagation of fake news on social media platforms which makes users across Canada, the US, UK, UAE, France, and China feel unsafe. A survey of these countries says that an average user deleted more than 1 social media app.
30 A social media business account is prone to 30 hack attempts per year
It’s not only common individuals, many popular business accounts on social media platforms got hacked. In a survey, it’s observed that hackers try at least 30 attempts to take over the business account in a year i.e at least 3 attempts a month.
Back in 2016, NFL rookie Laremy’s Twitter and Facebook accounts got hacked which caused $21 million in damage.
😉Tips To Avoid Hackers
Avoid Phishing sites & Malicious Links:- Phishing is the major area where user’s lost their credentials and personal identity. Some VPNs like NordVPN can detect phishing sites & block them right away or you can look for the domain once before you enter.
Use 12 Digit Password:- Attackers will break your password within seconds if you use weak, consecutive digits. it is advised to create a 12-digit password with all possible combinations. Try out our password generator which creates tough passwords for you. Also, enable two-factor authentication for maximum security.
Change Password:- Many people use the same password everywhere, while many sites are pawned. So your credentials might already be in the hacker’s hands, make sure that you change the password frequently.
Avoid downloading Apps from 3rd party Sites: Don’t download apps from third-party websites (unless you trust them well). These applications are the hideouts for the malware that can get into your device and hack your device.