Overview

• The global average cost of a data breach fell 9% to $4.44 million in 2025, marking the first decline since 2020.
• In the United States, breach expenses rose 9% to a record $10.22 million, propelled by higher regulatory fines and rising escalation costs.
• Healthcare remained the costliest sector at $7.42 million per incident and recorded the longest 279-day breach lifecycle.
• Organisations extensively using AI and automation cut breach costs by an average of $1.9 million and shortened breach lifecycles by 80 days.
• Thirteen percent of breaches now involve AI model exploitation or shadow AI misuse, exposing governance gaps and new attack surfaces.