Disclosure: TheBestVPN is reader-supported. When you buy a VPN through links on our site, we may earn commissions. Learn more.

How Many People Get Hacked Each Year in the U.S.?

Last updated:
how many people get hacked a year

 

Key Takeaways

  • 1.37 billion victim notices sent to Americans in 2024
  • 2025 saw decline to 278 million victim notices, suggesting fewer large-scale attacks
  • Each breach represents potential identity theft, financial fraud, or privacy violations for victims

The Story Behind the Numbers

While there is no single worldwide tally of how many people are “hacked” each year, the most consistent measurable proxy is the number of individuals impacted by publicly disclosed data breaches. In the U.S., the Identity Theft Resource Center (ITRC) reported an unprecedented surge in 2024.

ITRC logged 3,158 data compromises and 1,367,117,021 victim notices in 2024, up from 420,393,489 notices in 2023 (a 225% increase). In 2025, compromises stayed high at 3,322, but victim notices fell to 278,827,933 – a sharp comedown after the 2024 spike. These notices are the emails or letters sent to affected people, so they show how widely breach fallout can spread in a single year. The 2024 jump was driven by multiple mega-breaches, where a small number of incidents generated an outsized share of total notices. The broader web ecosystem showed similar warning signs, with security researchers detecting malicious code infections on 3,214 websites every single day in 2024.  And while a VPN can’t stop a company breach, learning what a VPN is can still help reduce everyday tracking and exposure.

Why This Data is Important

When we talk about “people getting hacked,” we’re measuring individuals whose personal information was compromised through data breaches at companies they trusted. Each breach notification represents someone facing potential identity theft, financial fraud, or privacy violations. That downstream harm is largely driven by financially motivated cybercrime, which generates roughly six times more incidents than state-sponsored actors even though the number of groups is similar.

From 2020 to 2023, annual victim notice counts remained relatively stable between 302,869,661 (2020) and 425,219,503 (2022), with 420,393,489 in 2023. But 2024’s jump to 1,367,117,021 wasn’t gradual – it was driven by multiple mega-breaches exposing massive databases. The 2025 decline to 278,827,933 suggests fewer large-scale breaches, but it doesn’t mean the threat disappeared. Your information likely sits in multiple databases that could be compromised. Using tools to hide your IP address can reduce exposure while browsing online.

Looking Ahead: Future Outlook

The 2025 decline offers cautious optimism but doesn’t signal safety. Organizations have invested more in breach prevention, yet hackers continue evolving tactics. Future victim counts will likely fluctuate based on how successfully attackers target large databases.

Individuals must remain vigilant. Using VPN protection for browsing, enabling two-factor authentication, and monitoring accounts for suspicious activity are now necessary practices in our connected world, not optional precautions.

Source & Methodology

This analysis uses data from the Identity Theft Resource Center Annual Data Breach Reports (20242025). The ITRC tracks publicly disclosed breaches affecting U.S. consumers from organizations legally required to report compromises. These figures represent victim notices from publicly disclosed breaches – the most transparent data available. Some individuals may appear in multiple breaches annually.