U.S. Data Breaches Reach Record High in 2025 Amid Declining Transparency
The Identity Theft Resource Center (ITRC) reported a record 3,322 data compromises in the U.S. in 2025 the highest number ever tracked. However, only 30% of breach notices provided actionable details, a sharp decline from previous years when nearly all disclosures included critical information. ITRC President James Lee warned that this lack of transparency increases risks for individuals and businesses, particularly as cybercriminals leverage AI-driven attacks and repurposed breach data.
The report highlights growing concerns over inconsistent state laws, legal risks, and corporate liability fears, which have led many organizations to withhold key details. AI-powered threats, supply chain vulnerabilities, and the reuse of stolen data in new attacks further complicate the landscape. Lee emphasized that all organizations, regardless of size, remain prime targets, with identity crimes often serving as a gateway to larger breaches.
In an interview with Information Security Media Group, Lee discussed the rising trend of attackers exploiting previously compromised data, the vulnerabilities created by opaque breach disclosures, and the need for stronger federal regulations and minimum cybersecurity standards. The ITRC’s findings underscore the urgency of improved transparency and proactive defenses in an evolving threat environment.
Source: https://www.bankinfosecurity.com/transparency-in-decline-as-data-breaches-hit-new-high-a-30661
Identity Theft Resource Center - Nonprofit cybersecurity rating report: https://www.rankiteo.com/company/idtheftcenter
"id": "IDT1770197800",
"linkid": "idtheftcenter",
"type": "Breach",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'location': 'U.S.',
'size': 'All sizes',
'type': 'Multiple organizations'}],
'attack_vector': ['AI-driven attacks',
'Supply chain vulnerabilities',
'Repurposed breach data'],
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally identifiable '
'information',
'Breach data']},
'date_detected': '2025',
'date_publicly_disclosed': '2025',
'description': 'The Identity Theft Resource Center (ITRC) reported a record '
'3,322 data compromises in the U.S. in 2025, the highest '
'number ever tracked. However, only 30% of breach notices '
'provided actionable details, a sharp decline from previous '
'years. The lack of transparency increases risks for '
'individuals and businesses, particularly as cybercriminals '
'leverage AI-driven attacks and repurposed breach data.',
'impact': {'brand_reputation_impact': True,
'data_compromised': True,
'identity_theft_risk': True,
'legal_liabilities': True},
'lessons_learned': 'Lack of transparency increases risks for individuals and '
'businesses. Stronger federal regulations and minimum '
'cybersecurity standards are needed.',
'motivation': ['Financial gain', 'Identity crimes'],
'post_incident_analysis': {'root_causes': ['Inconsistent state laws',
'Legal risks',
'Corporate liability fears',
'AI-powered threats',
'Supply chain vulnerabilities']},
'recommendations': ['Improve transparency in breach disclosures',
'Adopt stronger federal regulations',
'Implement minimum cybersecurity standards',
'Proactive defenses against AI-driven threats'],
'references': [{'date_accessed': '2025',
'source': 'Identity Theft Resource Center (ITRC)'},
{'date_accessed': '2025',
'source': 'Information Security Media Group'}],
'regulatory_compliance': {'regulations_violated': 'Inconsistent state laws'},
'threat_actor': 'Cybercriminals',
'title': 'U.S. Data Breaches Reach Record High in 2025 Amid Declining '
'Transparency',
'type': 'Data Breach'}