New analysis indicates there were 1,732 publicly reported U.S. data compromises in the first half of 2025—5% ahead of 2024’s pace, according to the Identity Theft Resource Center (ITRC).
However, the number of victim notices in H1 2025 (165,745,452) represents just 12% of the victim notices issued by mid-year 2024. The decrease is due in part to fewer people being impacted by the small handful of mega breaches in 2025 compared to 2024.
Cyberattacks were the primary cause of data breaches where personal information was stolen (1,348 incidents reported, leading to 114,582,621 victim notices).
The number of data breach notices without information about the root cause of the attack jumped from 65% in H1 2024 to 69% in the first six months of 2025. This is a trend ITRC said has continued for the past five years.
Financial services and healthcare industries are the most targeted sectors, with 387 and 283 compromises, respectively. While the number of compromises in financial services is slightly down from H1 2024, the healthcare sector saw an increase in breach events.
Professional services (221 compromises), manufacturing (158 compromises), and education (105 compromises) round out the the top five most target sectors.
“Through the first half of the year, we’ve seen a continuation, and in some cases, acceleration of the trends from 2024,” said James E. Lee, president of the nonprofit Identity Theft Resource Center. “Some of these trends are troubling—like the lack of transparency surrounding what caused more than two-thirds of compromises.”
There were 79 supply chain attacks reported in H1 2025, impacting 690 entities and leading to 78,320,240 victim notices.
“This highlights the cascading effect that a single vulnerability in a third-party can have on multiple organizations and their customers,” the report noted.
“We also saw the use of recycled information emerge,” Lee added. “That’s a serious risk for businesses since much of the data is logins and passwords, but it also means individuals need to take steps to protect themselves from identity fraud and scams, which they can learn to do by contacting the ITRC or visiting our website. There’s never a charge for individuals to turn to the ITRC for help.”
The ITRC has already tracked more physical attacks in the first half of 2025 (34) than in the full year 2024 (33). Although smaller in absolute numbers, this data breach trend is worth monitoring, ITRC said.
Was this article valuable?
Here are more articles you may enjoy.
US Tariffs Projected to Slow Global Economy and Insurance Premium Growth: Swiss Re 
State Farm Implements 27% Rate Increase for Illinois Homeowners 
Insured Losses From US Hurricanes Could Rise by 50% With Global Warming 
Excessive Litigation Causes Surge in Liability Insurance Costs: Marsh McLennan CEO 
