Disclosure: TheBestVPN is reader-supported. When you buy a VPN through links on our site, we may earn commissions. Learn more.

What Is the Average Cost of a Data Breach?

Last updated:
What Is the Average Cost of a Data Breach?

 

Key Takeaways

  • $4.44 million – average cost per data breach in 2025
  • 15% increase from 2018 ($3.86M) shows steady upward trend
  • $4.25 million – eight-year average reveals rising baseline costs

The Story Behind the Numbers

From 2018 to 2025, the average cost of a data breach stayed firmly in multi-million territory. It rose from 3.86 million dollars in 2018 to 4.44 million in 2025, an increase of 0.58 million, or about 15 percent. Costs were stuck just under 4 million through 2020, then climbed almost every year, peaking at 4.88 million in 2024 before easing slightly. That dip does not erase the bigger picture: the floor keeps moving up. And it’s not just a few outliers driving that trend, since the FBI IC3 recorded 13,807 data breach cases reported from 2020 to 2024. Over the full eight-year period, the simple average is roughly 4.25 million dollars per incident. In other words, breaches are not just rare mega-events. Even a “typical” breach now carries a price tag that would be painful for most organizations to absorb. And because exposure is so frequent – 278.8 million victim notices were issued in the U.S. in 2025 (about 763,912 per day, or 530+ per minute) – the per-record math matters even more. In 2025, customer PII averaged $160 per record, employee PII $168, and intellectual property $178, meaning 10,000 customer records can translate to about $1.6M in record-level costs alone.

Why This Data is Important

These numbers show how expensive it has become to lose control of sensitive data. A single incident in the 4 to 5 million dollar range can erase years of savings from cutting corners on security. Even a breach of 10,000 customer records can total about $1.6 million in costs. And smaller organizations aren’t spared: for businesses under 500 employees, IBM’s data puts the average breach cost at $3.31MThe rise after 2020 suggests that modern setups, like cloud services and remote work, make incidents harder to detect and contain, and a significant share of breaches still trace back to basic human error. For everyday users, the cost shows up in higher prices and extra friction online. The takeaway is simple: each piece of data you share is a risk. Strong passwords, multi-factor authentication, and encrypting your traffic with a VPN all reduce the damage when something goes wrong.

Looking Ahead: Future Outlook

Based on the 2018 to 2025 data, the most realistic expectation is a high but uneven plateau. Average costs now cluster around 4 to 5 million dollars per breach, and there is no sign they will return to pre-2020 levels. Better tools and response plans can trim some losses, but growing digital footprints and stricter rules around reporting keep pressure on the upside. For individuals, that means treating protection as ongoing work, including keeping your VPN running reliably.

Source & Methodology

Figures come from IBM’s annual Cost of a Data Breach reports. We used the global average cost per breach for 2018 through 2025, measured in millions of US dollars and rounded to two decimal places. From these values we calculated simple differences, percentage change, and an eight-year average.