Data Theft
Cybersecurity statistics about data theft
Showing 1-16 of 16 results
49% of organizations did not detect the threat until after data is stolen, up from 31% the previous year.
In September 2025, Qilin's compromise of a single South Korean MSP affected 32 financial institutions and resulted in over 2 terabytes of stolen data.
When identity breaches impact business, the primary consequences are data theft (49%), ransomware (48%), and financial theft (47%).
46% of security decision makers identify ransomware attacks as a leading concern, 44% identify cloud environment breaches, 37% identify email compromise, 37% identify data theft, and 35% identify supply chain compromise.
45% of intrusions resulted in data theft without immediate extortion attempts at the time of the engagement
Ransomware attacks involving data theft cost more than twice as much as ransomware attacks without data theft.
28% of intrusions investigated resulted in data theft that bore indications of extortion.
Extortion demands to suppress stolen data comprise 49% of extortion claims in the first half of 2025 and 65% of extortion claims in the second half of 2025.
Data theft-only attacks account for 57% of all attacks in 2025.
In the second half of 2025, more than two-thirds of ransomware attacks leveraged data theft instead of encryption.
92% of ransomware cases in Europe involved file encryption and data theft in 2025
Manufacturing organisations experienced 24% of attacks involving data theft.
Data theft was observed in 18% of incidents.
Credentials or data were stolen in nearly half of all cyberattacks.
Ransomware and data theft attempts accounted for nearly 30 percent of all Sophos Managed Detection and Response (MDR) tracked incidents (in which malicious activity of any sort was detected) for small and midsized businesses.
One in three CEOs cite cyber espionage and loss of sensitive information/intellectual property (IP) theft as their top concern.