In our May 2025 blog post, “Study Finds Average Cost of Data Breaches Significantly Increased Globally in 2024,” we highlighted the key findings of the Ponemon Institute’s Cost of a Data Breach Report 2024. The Ponemon Institute has now published its Cost of a Data Breach Report 2025, showing a decrease in data breach costs, driven by faster identification and containment. Each year, the report analyzes a vast dataset of data breaches at hundreds of organizations to spot trends and developments in security risks and best practices.
The key findings of the 2025 report include the following:
- Lowering Costs: The average cost of a data breach globally was $4.44 million in 2025, representing a 9% decrease from 2024, when the average cost was $4.88 million. Driving the decrease was faster identification and containment of breaches, much of it from organizations’ own information security systems and teams, with the help of artificial intelligence (AI) and automation.
- Top Countries and Regions: For the 15th year in a row, the United States led all countries and regions globally with an average cost per data breach of $10.22 million in 2025, up from $9.36 million in 2024, driven by higher regulatory fines and increased detection and escalation costs. The Middle East ($7.29 million), Benelux ($6.24 million), Canada ($4.84 million), and the United Kingdom ($4.14 million) rounded out the top five regions with the highest average data breach costs globally.
- Industry Highs and Lows: The industry with the highest average cost of a data breach in the United States continued to be healthcare, which saw an average of $7.42 million, a decrease from 2024, when the average cost of a breach in the industry was $9.77 million. The financial industry came in second place with an average cost of $5.56 million per breach, while the public sector came in last place with an average cost of $2.86 million per breach.
- AI-Driven Attacks: Threat actors are using generative AI to make phishing and other social engineering attacks more scalable, personalized, and convincing. By mimicking trusted people and brands through emails, voice clones, and deepfake videos, these attacks are increasingly difficult to identify. The report found that 16% of breaches involved attacker use of AI, primarily in phishing and deepfake schemes.
- Types of Data: Customer PII was by far the most commonly stolen or compromised data type, representing 53% of incidents. This includes tax ID numbers, email addresses, and home addresses, which can be exploited for identity theft and credit card fraud. Company IP, while less frequently affected, was the costliest type of data compromised, at $178 per record.
- Causation: Malicious or criminal attacks, whether internal or external, remained the dominant cause of breaches at 51%, placing the greatest strain on security teams. Human error and IT failures comprised the rest, at 26% and 23%, respectively, and are more preventable through effective training and proactive security measures.
- Breach Lifecycle: The longer a breach remains unresolved, the more costly it becomes. Breaches with lifecycles under 200 days had an average cost of $3.87 million, down from $4.07 million in 2024, a decline of nearly 5%. By contrast, breaches lasting more than 200 days were the most expensive, with an average cost of $5.01 million. Even so, that figure reflects an approximately 8% decrease from 2024.
As concerns around the costs associated with data breaches continue to be a focal point of many service agreement negotiations, the Cost of a Data Breach Report 2025 can help organizations determine the actual financial risks associated with the data being exchanged under such agreements.