Hacking Statistics (How Many Sites Get Hacked?)

Are you trying to find the best hacking statistics and learn how many sites get hacked?

Cybercrime, attacks and threats – sadly, it’s all part of the online world, which we cannot escape.

Every year, thousands of websites, businesses, and individuals (more like millions!) get hacked and scammed, causing data and financial loss.

Luckily, cybersecurity is improving, protecting individuals, businesses and organizations from cybercriminals.

In this statistical roundup, I’ll share the current state and trend of hacking statistics, giving you a better idea of the issue’s importance.

From websites to industries, hacking types and other terrifying stats, I’ll provide an overview and share insights into cybersecurity.

Get a better understanding of the hacking problem, so you can take the proper steps to protect yourself and your business online.

This post covers:

Hacking Statistics (Our Top Picks)

• 10.8 million websites get hacked yearly
• WordPress is the most vulnerable content management system
• Approximately 20 ransomware attacks happen every second
• Cyberattack damage cost is predicted to reach $10.5 trillion by 2025
• Data breach costs the US nearly 2x the global average – $9.4+ million
• The most common cause of data breach is stolen/compromised credentials
• Malware experienced a 39% decline in 2020
• The total average cost of a breach in healthcare is $10.1 million
• There are around 1.27+ million phishing sites worldwide

Before we continue, you need to know that the accurate measurements of cybercrime are challenging to measure because not all crime is reported. Plus, not everyone is aware they have been targeted.

The sad part is that all the statistical estimates below are, in reality, much higher.

It is now time for some shocking news!

How Many Sites Get Hacked?

How many websites do you think get hacked daily?

If you said 30,000, BINGO!

That’s 210,000 weekly, 900,000 monthly and 10.8 million yearly. Have you ever wondered how many total websites there are? Our website statistics reveal it all.

Unfortunately, small business websites get affected by cyber criminals, malicious code and other harmful attacks the most.

Too many think cybercriminals only target Google, Facebook, and other online behemoths, but that’s not true. Hackers are interested in nearly any size website and online platform.

In short – everyone can be a target.

A more general approach to protect your site would be:

Your website must be built on a solid foundation, use reliable hosting and don’t install suspicious and outdated plugins (in the case of WordPress (also check our WordPress statistics), plugins (see below) are one of the biggest reasons for site hacks), apps and software.

Source: Forbes

1. Which CMS gets hacked the most?

The largest content management system in the world, WordPress, gets hacked the most (95.6%). All the other popular CMSs are far behind, with Joomla (2.03%) in second, Drupal (0.83%) in third and Magento (0.71%) in fourth position.

If you’re interested in more exciting facts about content marketing system stats, peeks at our CMS market share article.

Additionally, Sucuri reported that approximately 1 in every 25 WordPress websites gets hacked. One of the biggest WP vulnerabilities are plugins (92.81%), then themes (6.61%) and finally, core (0.58%).

Fun fact: The three most exposed WP components are Contact Form 7, TimThumb and WooCommerce.

But you may also be interested in our WordPress hacking statistics roundup to find out how many WP sites get hacked.

Source: Sucuri

2. How Many Cyber Attacks Happen Per Day?

According to SonicWall, in the first half of 2021, they recorded a whopping 304.7 million ransomware attacks globally. That’s roughly 610 million per year. But since cybercrime keeps increasing, the number could be even greater.

We’re talking about approximately 20 attacks every second!

Source: SonicWall

3. Countries with the best cybercrime protection

The ten countries with the strongest cybersecurity are Belgium, Finland, Spain, Denmark, Germany, Lithuania, France, Sweden, the UK, and Portugal.

Source: Seon

4. Countries with the weakest cybercrime protection

The countries where cybersecurity is the weakest are Afghanistan, Myanmar, Namibia, Libya, Honduras, Cambodia, Mongolia, Ethiopia, Venezuela and Nicaragua.

Not only is protection against cybercrime weak, but these countries also have the weakest legislation against it. Sometimes there’s no legislation, so users, website owners and businesses must be especially cautious when transferring and processing sensitive data and transactions.

Source: Seon

Cost Of Hacking Statistics

5. Cyberattack damage cost is predicted to reach $10.5 trillion by 2025

In 2015, the cost of cybercrime was “just” $3 trillion, but it’s expected to reach a whopping $10.5 trillion by 2025.

What about 2023? $8 trillion.

With the rise of the digital economy comes the rise of digital crime. And just like everything on the internet is getting more and more sophisticated, so are the attackers getting better and better at it.

Meaning, it’ll only get more expensive to keep the data protected from unwanted intruders.

Source: eSentire

6. Data breach costs the US nearly 2x the global average

Year after year, the United States is the leader in the highest data breach cost, with an average cost of $9.4+ million.

As a reference, the global average total cost of a data breach is $4.3+ million—approximately $5.1 million less than in the US.

Source: IBM

Data breach costs around the world

These are the top five countries and regions with the highest data breach costs:

Country/region	Data breach cost in millions
United States	$9.44
Middle East	$7.46
Canada	$5.64
United Kingdom	$5.05
Germany	$4.85

Fun fact: The country with the fastest growth rate of a data breach is Brazil, at $1.38 million.

Source: IBM

7. More ransomware attacks and costlier destructive attacks

The average ransomware attack cost is $4.5+ million (a 41% growth in a single year) and it takes 49 days longer to identify than a year before.

Moreover, the cost of destructive attacks increased by an additional $430K, to $5.1+ million.

Source: IBM

8. Private and public clouds are hit more than hybrid cloud models

IBM reports that nearly 50% of breaches happen in the cloud, with organizations that have private and public clouds experiencing the highest data breach costs.

Cloud type	Data breach cost in millions
Public cloud	$5.02
Private cloud	$4.24
Hybrid cloud	$3.80

Source: IBM

9. The most common cause of data breach is stolen/compromised credentials

Besides being the most common cause of a data breach, it also takes the longest to detect – 327 days. However, phishing is still the cause that costs the most.

Cause of a data breach	Cost in millions
Phishing	$4.91
Business email compromise	$4.89
Vulnerability in third-party software	$4.55
Stolen or compromised credentials	$4.50
Malicious insider	$4.18

Source: IBM

10. A single cyber attack costs US companies on average $18,000

On average, companies in the United States need to pay $18,000 for an attack, whether a breach, DDoS attack, malware or ransomware. That’s $8,000 more than in 2021. Also, nearly half of the US businesses experience some type of cyber attack.

Source: Hiscox

11. Global security spending by segment

Security segment	Spending in millions
Security services	$64,270
Infrastructure protection	$17,483
Network security equipment	$11, 684
Identity access management	$10,409
Consumer security software	$6,235

Source: Embroker

Hacking Statistics By Attack Type

12. Targeted ransomware is on a continuous rise

Ransomware attacks are constantly growing across all industries, jumping from 0.016% (of all malware) in 2021 to 0.026% in 2022.

Cybercriminals keep improving their ransomware techniques, making them more challenging for the attacked businesses and people to identify and counteract, thus the growth.

Source: Kaspersky

13. Malware experienced a 39% decline in 2020

Malware saw a nice decline in 2020, but that doesn’t mean it’s going away. SonicWall reported a global decline of 39% (the most significant drops in India and Germany), dropping to 4.4 billion malware attacks.

Country	Malware decline
India	-68%
Germany	-64%
United Kingdom	-44%
United States	-33%

Source: SonicWall

14. 22% of consumers reported malicious software on their devices

Consumers most commonly detect malicious software on their desktop device, smartphones, tablet, Wi-Fi networks and even connected devices.

The second and third most common cybercrimes are unauthorized access to email accounts (14%) and social media profiles (13%).

Source: Norton

15. 86% of adults are unaware/unfamiliar with stalkerware

There are actually only 14% of consumers who are aware of what stalkerware is and how it can affect them.

Fun fact: Almost 1 in 10 persons in a romantic relationship used an app to track the partner’s device activities. (Now that’s creepy, no wonder why it’s called creepware.)

Why the rise of online stalking? One of the biggest reasons why people stalk their partners online is LOW trust.

Source: NortonLifeLock

Industry-Specific Hacking Statistics

16. The total average cost of a breach in healthcare is $10.1 million

The healthcare industry gets hit the hardest, resulting in the highest average breach cost. It increased by 9.4% from $9.2 million in 2021.

The second highest cost has the financial organizations (averaging $5.9+ million), in the third place is pharmaceuticals at $5+ million, fourth is technology ($4.9+ million) and fifth is energy ($4.72 million).

Industry	Data breach cost in millions
Healthcare	$10.10
Financial organizations	$5.97
Pharmaceuticals	$5.01
Technology	$4.97
Energy	$4.72

Services ($4.7 million), industrial ($4.47 million), and research ($3.88 million) are in the sixth, seventh, and eighth positions, respectively. The public sector is one of the least affected, costing $2.07 million.

Source: IBM

17. 61% growth of phishing attacks in 2022

Phishing attacks are also on the rise, hitting 61% in 2022. The most targeted industries are financial, SaaS and webmail, social media, logistics and shipping, payment, and eCommerce.

Source: SlashNext

18. There was a $41+ billion eCommerce fraud loss

The eCommerce industry lost $41.1 million due to online payment fraud in 2022. Although this number is staggering, only 34% invested in fraud prevention.

Moreover, Juniper predicts a 131%+ fraud growth between 2022 and 2027.

Source: Juniper

19. Half of the small businesses have a cybersecurity plan

In a survey, 50% of respondents said they have a cybersecurity plan for their small businesses. Of 50% who said they don’t have a plan, 30% plan on getting one, and 20% have no plans of setting up cybersecurity.

Source: UpCity

20. 60% of small businesses believe they won’t get attacked

As mentioned earlier, many small business owners believe they aren’t a target of cybercriminals. As it turns out, nearly 20% are.

It’s vital for every business owner to know that protecting data is way easier than recovering it after being hacked. (Or maybe even never recovering it.)

Invest in cybersecurity early so you don’t feel sorry later.

Source: BullGuard

Global Hacking Statistics

21. There are around 1.27+ million phishing sites worldwide

Since the beginning of 2020, the number of phishing sites has increased, jumping to 1,270,000+ in the third quarter of 2022.

Surprisingly, that’s a nearly 10x increase since the COVID-19 pandemic (which is likely because more people turned to the internet for online shopping, online banking, online food ordering, etc.).

Year	Number of phishing sites
2022	1,270,000+
2021	730,000+
2020	571,000+
2019	266,000+
2018	151,000+

Source: Statista

22. AI helps 69% of organizations respond to cyberattacks around the world

83% of the organizations in the United States said that they couldn’t respond to cyberattacks without using artificial intelligence. The other four countries that rely heavily on AI are Australia (73%), the United Kingdom (72%), Spain (71%), and France (70%).

But only 54% reported dependency on artificial intelligence in Sweden (because cyberattacks are lower in the country than in others).

Source: Statista

23. The three most common cybercrime complaints are phishing, non-payment and extortion

According to the FBI, the most common crime report is for phishing, vishing, smishing or pharming.

Cybercrime type	Number of victims
Phishing/vishing/smishing/pharming	240,000+
Non-payment/non-delivery	108,000+
Extortion	76,000+
Personal data breach	45,000+
Identity theft	43,000+
Spoofing	28,000+
Misrepresentation	24,000+
Confidence fraud/romance	23,000+
Harassment/threats of violence	20,000+
BEC/EAC	19,000+

Source: FBI

24. On average, those affected by cybercrime spend seven hours resolving issues

2.7 billion hours were lost resolving issues due to cybercrime, which averages to 6.7 hours per victim.

Indian victims take the longest to sort things out (10.8 hours), followed by Germany (9.1 hours), Italy (8.7 hours), Australia (8.2 hours), the US (6.7 hours), and Japan (5.9 hours).

In addition, the countries that lost the most money due to attacks are India, Australia, the UK, the US, Germany and France. The average across ten countries is 47% of victims who lost money.

Source: Norton

25. 1 in 5 consumers are victims due to scam

Some more common reasons for scams are clicking fraudulent package notification links, purchasing false items, donations, sending money to strangers on dating sites, etc. There were also many scams related to COVID-19 during the pandemic.

Source: Norton

26. Expected $100 billion in losses due to ad fraud

The advertising fraud is spreading like wildfire, going from $35 billion in 2018 to $100 billion in 2023. Just in the United States alone, ad fraud reached approximately $81 billion in 2022.

Although advertising platforms are getting better at detecting scammy advertisers and bots, their platforms aren’t yet sophisticated enough to spot fraud soon enough. (Instead of ads served to potential customers, they are served to bots.)

Source: Statista

Other Terrifying Hacking Stats

27. The human element is the highest reason for attacks

According to the Data Breach Investigations Report, the human element accounts for the most common cause of data breaches, at 82%.

From phishing attacks to stolen credentials, cyber criminals usually go after the human element via emails, using tricky links (which are also getting more popular on social).

Source: Verizon

28. Death of a woman caused by a ransomware attack at a German hospital

A ransomware attack caused IT failure at a Düsseldorf, Germany hospital, causing the death of a 78-year-old woman. This is the first reported death by ransomware.

Source: Fortune

29. A hacker tried to poison a city’s water supply in 2021

In February 2021, a hacker tried to poison the water supply in Oldsmar, Florida, by upping sodium levels to health-threatening levels.

Source: Wired

30. A slight increase in meat prices due to a ransomware attack on JBS

The world’s largest meat processing company got attacked by Russian ransomware in 2021, affecting thousands of workers and causing a tiny spike in the price of meat.

Source: Newsweek

31. Windows gets hit by malware the most of all operating systems

78% of malware codes targeted Windows systems in 2019, which increased to 83% in early 2020. On the other side, the trend of malware attacks on MacOS is declining.

Source: AV-TEST

32. 6 million records are lost or stolen daily

Every second, hackers steal a whopping 75 records (or make them appear “lost”). 1,000s records will be lost when you finish reading these hacking statistics.

Source: Database Trends And Applications

33. Americans fear hackers more than getting mugged

Almost 70% of Americans fear hackers stealing their credit card information. And 62% fear getting their computers and smartphones hacked and data stolen.

That’s a lot more than worrying about being burglarized (45%), which is in third place at the top list of crime fears. And only 18% have a fear of getting murdered.

Source: Statista

Conclusion

Sheesh!

That was a massive portion of the nightmare we all need to pay close attention to to prevent website, social, email or any other attacks as much as possible.

Websites that lack up-to-date software, themes, and plugins, weak passwords, or an SSL certificate are at much greater risk of being hacked.

Usually, these are small businesses and individuals without the necessary experience to implement strong cybersecurity practices.

I’m sure these hacking statistics will shake you (a little bit) to take security seriously.

You’ll thank yourself later.

What cybersecurity strategies work best for you? Let us know in the comments below.