Despite an overall global drop, over 2.5 million US accounts were breached in the first six months of 2025.
According to the Cybernews Personal Data Leak Checker tool, the United States experienced over 2.5 million breached accounts between January and June 2025, more than any other country. While this number represents a sharp global decline compared to the same period in 2024, it still indicates ongoing vulnerabilities in US data security.
Globally, there were 15.8 million breached accounts in the first half of 2025, down from 302 million in the first half of 2024. France (1.8 million) and India (1.2 million) followed the US as the most breached countries.
January and March marked the two highest peaks in breach activity globally. In the US, breaches rose steadily from 406,000 in January to 1.2 million in March before declining in Q2. France had 1.6 million breached accounts in January alone before experiencing a sharp drop.India showed a similar pattern, with a major spike to over one million breaches in March following a quiet February.
Other countries in the top ten included Russia, Venezuela, Brazil, the UK, Argentina, Taiwan, and Saudi Arabia. Most showed sharp declines after Q1, though exceptions like Ireland and Italy saw unexpected spikes in Q2 breach activity.
Cybernews security researchers pointed to common user behaviors as drivers of breaches. These include reusing weak passwords across services, downloading sketchy files, clicking on unsafe links, or falling victim to impersonation scams.
The report also noted a growing tactic among cybercriminals: using infostealer malware or posing as IT support to trick users into handing over control of their devices or accounts.
Breach density compares the number of breached accounts to the total number of internet users in a country. It helps measure how widespread breaches are on a per-person basis, regardless of population size.
Users can use data leak checkers like Cybernews’ Personal Data Leak Checker or Have I Been Pwned to see if their email or password has appeared in known data breaches.
Not always. A country may have high breach numbers due to better detection and reporting, while others with lower numbers might lack transparency or effective tracking mechanisms.
Simple steps include using a password manager, enabling two-factor authentication, avoiding suspicious downloads, and regularly updating passwords, especially for accounts tied to financial or personal data.