18% of leaders at financial services firms say they are unprepared to recover effectively from an Insider threat or data compromise.

About 0.5% of all security breaches in the first half of 2025 were supply‑chain incidents, but these incidents generated nearly half of all breach notifications, affecting almost 700 companies.

69% of 2025's breach notices did not include an attack vector. This is an increase from 65% for the full year 2024.

1,732 data compromises were reported in the first half of 2025. This is about 5% ahead of H1 2024 in terms of compromises. It is also more reported compromises than at the halfway point in 2023, which was the previous high-water mark for data compromises.

78% of compromises reported in the first half of 2025 were true data breaches. These accounted for 69% of the breach notices issued in the first half of 2025.

H1 2025 compromises resulted in a little more than 165.7 million breach notices.

The number of victim notices through June 2025 is only 12% of the total for 2024. This is because there haven't been the same level of mega-breaches affecting hundreds of millions of people as seen last year.