Newsletter Subscribe
Enter your email address below and subscribe to our newsletter
Enter your email address below and subscribe to our newsletter







Fertnig | E+ | Getty Images
It’s the letter most consumers dread receiving — the notification that your personal information has been involved in a data breach.
About 80% of respondents to a new survey said they received at least one data breach notice in the prior 12 months, according to the Identity Theft Resource Center.
Nearly 40% of respondents received three to five separate notices over that period. The survey polled 1,040 individuals in November.
Of those who recently received a data breach notice, 88% reported at least one negative consequence, such as increased phishing or other scam attempts, more spam emails or robocalls or an attempted account takeover, the survey found.
The number of data compromises rose 5% last year — with 3,322 events in 2025 versus 3,152 in 2024 — a record, according to the ITRC’s new annual report. The nonprofit organization has been tracking public reports of data compromises for 20 years.
“We have once again had more breaches in a single year reported than in any previous year,” said ITRC President James E. Lee.
The new data comes amid new scrutiny on the government’s handling of personally identifiable information at the Social Security Administration.
The Justice Department recently submitted new information in a court case involving the Social Security Administration, which reveals alleged mishandling of personal data at the agency.
The court filing includes “communications, use of data, and other actions” by the Department of Government Efficiency team at the Social Security Administration that the Justice Department described as “potentially outside” of the agency’s policy and/or not compliant with a March temporary restraining order that barred DOGE access to the agency’s personally identifiable information.
Personal information, including names and addresses, of about 1,000 people was included in correspondence sent via an encrypted, password-protected email attachment, according to a Justice Department example. It is unclear whether the password needed to access the data was also shared, according to the filing.
The new court filing follows an August whistleblower report by the Social Security Administration’s former chief data officer alleging “serious data security lapses” that may put the security of more than 300 million Americans’ data at risk, including the use of a vulnerable cloud server.
“We’re doing a triple review, but I would say Americans’ data is secure and in good shape,” Social Security Administration Commissioner Frank Bisignano told CNBC on Thursday.
In a follow-up statement, a Social Security Administration spokesperson told CNBC.com via email that the agency is “committed to safeguarding the personal data of every American.”
“Our systems are continuously monitored by career professionals in accordance with federal and industry security standards,” the spokesperson said.
Experts say it’s generally best for consumers to assume their data has already been exposed in various breaches.
“Everyone’s identity has already been stolen,” said Haywood Talcove, CEO of government at LexisNexis Risk Solutions. “The only question is, has it been used?”
Consumers may not have all the information about how their personal information has been compromised.
Because the government is generally exempt from state data breach laws, federal data breaches are not always public, Lee said.
Moreover, organizations that provide data breach notices have reduced the amount of information included in those disclosures due to litigation risk, according to Lee. In 2020, all organizations involved in such events provided information around what, how and why a breach happened, and what they did in response, he said. By 2025, that only applied to 30% of notices, he said.
The remaining 70% of data breach notices from the last year lacked actionable information, according to Lee.
The top industries to see data compromises in 2025 included financial services, health care, professional services, manufacturing and education, according to the ITRC’s annual report.
By taking certain steps, you can greatly improve your chances of “not getting screwed with” and “will be better off than virtually every single person in the country,” Talcove said.
Correction: This story has been revised to reflect that the number of data compromises rose 5% last year. A previous version used an incorrect term for the percentage change that was provided by the Identity Theft Resource Center, which has since updated its website.
Source link
See more https://theglobaltrack.com/