Healthcare had the most expensive data breaches for the 15th consecutive year, according to a new IBM report.
Here are five things to know from the July 30 study that analyzed 600 breaches globally between March 2024 and February 2025:
1. Healthcare experienced the most costly data breaches of any industry studied, at $7.42 million, down from $9.77 million in 2024.
2. Healthcare data breaches took 279 days to identify and contain, the longest of any industry and five weeks more than the average of 241 days.
3. “Attackers continue to value and target the [healthcare] industry’s patient personal identification information, which can be used for identity theft, insurance fraud and other financial crimes,” the report stated.
4. Global breach costs declined for the first time in five years, to an average of $4.4 million, thanks in part to AI-driven detection. The cost of a U.S. breach, however, averaged $10.2 million.
5. Hackers used AI in 16% of breaches overall, led by AI-generated phishing (37%) and deepfake impersonations (35%).
