From Past to Present: The Evolution of Data Breach Causes (2005–2025)
DOI:
https://doi.org/10.62486/latia2025333Keywords:
Data Breach, Threat Actors, Cybersecurity, Compromised Data, AI-Driven Threats, Ransomware, Phishing, Personal Identifiable InformationAbstract
This review aims to analyze the changing causes of data breaches over
two decades by synthesising evidence from various data breach
investigation reports and regulatory filings. The methodology involves
examining trends in threat actors, actions, and motives identified in
reports such as the Verizon Data Breach Investigations Report (DBIR)
series from 2008 to 2024, California Attorney General's reports, and the
Privacy Rights Clearinghouse. (1,2,3) The findings reveal an evolution
through distinct phases: an initial period (roughly 2008-2010)
dominated by external breaches leveraging hacking and malware, a
subsequent era (2011-2019) marked by the rise of sophisticated
cybercrime, including increased phishing and the emergence of defined
incident patterns, and a more recent epoch (2020-2024) characterised
by a significant surge in ransomware attacks, exploitation of
systemic vulnerabilities, and the convergence of financially motivated
and nation-state actors. Throughout these periods, human factors and
errors have consistently contributed to successful breaches. In conclusion, the landscape of data
breaches have shifted from simpler external attacks to more complex and
disruptive campaigns, where human vulnerabilities remain a key
enabler, and the emerging landscape includes AI-driven threats
that are being explored by both attackers and defenders, necessitating
continuous adaptation of defence strategies to address both traditional
weaknesses and novel AI-related risks.
References
Verizon. Verizon Data Breach Investigations Report. [Internet]. Available from: https://www.verizon.com/business/resources/reports/dbir/
California Department of Justice. Search Data Security Breaches. [Internet]. Available from: https://oag.ca.gov/privacy/databreach/list
Privacy Rights Clearinghouse. Data Breach Chronology. [Internet]. Available from: https://privacyrights.org/data-breaches
Statista. Number of data breaches and victims in the U.S. 2023. [Internet]. Available from: https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/
Verizon-dbir-github reports. Verizon DBIR. [Internet]. Available from: https://github.com/amckenna/verizon-dbir-reports
Statista. Cost of cybercrime worldwide. [Internet]. Available from: https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide
Federal Bureau of Investigation. Internet Crime Complaint Center (IC3). [Internet]. Available from: https://www.ic3.gov/CrimeInfo/DataBreach
LifeLock. History of Data Breaches. [Internet]. Available from: https://lifelock.norton.com/learn/data-breaches/history-of-data-breaches
Australian Government. The Privacy Act 1988. [Internet]. Available from: https://www.legislation.gov.au/C2004A03712/latest/versions
European Commission. Europe GDPR. [Internet]. Available from: https://gdpr-info.eu/
UpGuard. Biggest Data Breaches in the US. [Internet]. Available from: https://www.upguard.com/blog/biggest-data-breaches-us
Digital Guardian. History of Data Breaches. [Internet]. 2023 Available from: https://www.digitalguardian.com/blog/history-data-breaches
CSO Online. The Biggest Data Breaches of the 21st Century. [Internet]. Available from: https://www.csoonline.com/article/534628/the-biggest-data-breaches-of-the-21st-century.html
Wired. Exactis Database Leak Exposes 340 Million Records. [Internet]. 2023 Available from: https://www.wired.com/story/exactis-database-leak-340-million-records/
Security Week. Spammers Leak 14 Billion User Records. [Internet]. 2023 Available from: https://www.securityweek.com/spammers-leak-14-billion-user-records/
MedCity News. Ascension Cyberattack: Cybersecurity in Healthcare. [Internet]. 2024 Available from: https://medcitynews.com/2024/12/ascension-cyberattack-cybersecurity-healthcare/
Indusface. Notorious Hacks in History. [Internet]. Available from: https://www.indusface.com/blog/notorious-hacks-history/
Zluri. Most Common Causes of Data Breaches. [Internet]. Available from: https://www.zluri.com/blog/most-common-causes-of-data-breaches
UpGuard. Biggest Data Breaches. [Internet]. Available from: https://www.upguard.com/blog/biggest-data-breaches
Monroe. Cybersecurity: History, Hacking, Data Breaches. [Internet]. Available from: https://www.monroeu.edu/news/cybersecurity-history-hacking-data-breaches
Securiti. Analysis of the Biggest Data Breaches in History and What to Learn. [Internet]. Available from: https://securiti.ai/analysis-of-the-biggest-data-breaches-in-history-and-what-to-learn/
American Hospital Association (AHA). FBI-TLP Alert: Picture Archiving Communication Systems (PACS) Vulnerability. [Internet]. 2020 Available from: https://www.aha.org/fbi-tlp-alert/2020-12-17-tlpwhite-picture-archiving-communication-systems-pacs-vulnerability
Krebs on Security. A Basic Timeline of the Exchange Mass Hack. [Internet]. 2021 Available from: https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/
CM Alliance. October 2023 Major Cyber Attacks, Data Breaches, Ransomware Attacks. [Internet]. 2023 Available from: https://www.cm-alliance.com/cybersecurity-blog/october-2023-major-cyber-attacks-data-breaches-ransomware-attacks
GetEvolved. Cybersecurity Incident: Substitute Notice of Data Breach. [Internet]. 2023 Available from: https://www.getevolved.com/about/news/cybersecurity-incident/substitute-notice-of-data-breach/
Aqua Security. SolarWinds Attack. [Internet]. 2021 Available from: https://www.aquasec.com/cloud-native-academy/supply-chain-security/solarwinds-attack/
Office of the Australian Information Commissioner (OAIC). Preventing, Preparing for and Responding to Data Breaches. [Internet]. Available from: https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/preventing-preparing-for-and-responding-to-data-breaches/data-breach-preparation-and-response/part-3-responding-to-data-breaches-four-key-steps
HealthTech Magazine. How Hospitals Use Network Microsegmentation to Guard Against Cyberattacks. [Internet]. 2017 Available from: https://healthtechmagazine.net/article/2017/10/how-hospitals-use-network-microsegmentation-guard-against-cyberattacks
CPO Magazine. 30-Year DICOM Vulnerability Exposes Millions of Health Records to Access and Manipulation. [Internet]. 2023 Available from: https://www.cpomagazine.com/cyber-security/30-year-dicom-vulnerability-exposes-millions-of-health-records-to-access-and-manipulation/
JPMorgan. Firm Establishes Quantum-Secured Crypto-Agile Network. [Internet]. 2023 Available from: https://www.jpmorgan.com/technology/news/firm-establishes-quantum-secured-crypto-agile-network
Ericom. What is a Zero-Day Attack?. [Internet]. Available from: https://www.ericom.com/glossary/what-is-zero-day-attack/
American Hospital Association (AHA). FBI-TLP Alert: Picture Archiving Communication Systems (PACS) Vulnerability. [Internet]. 2020 Available from: https://www.aha.org/fbi-tlp-alert/2020-12-17-tlpwhite-picture-archiving-communication-systems-pacs-vulnerability
Wikipedia. List of Data Breaches. [Internet]. Available from: https://en.wikipedia.org/wiki/List_of_data_breaches
Beazley. The Evolution of Cyber Attacker Techniques. [Internet]. Available from: https://www.beazley.com/en/cyber-services-snapshot/the-evolution-of-cyber-attacker-techniques/
Reddit. Why Does It Seem Like Data Breaches Are Becoming More Common?. [Internet]. Available from: https://www.reddit.com/r/cybersecurity/comments/1eojbq7/why_does_it_seem_like_data_breaches_are_becoming/
Center for Strategic and International Studies (CSIS). Significant Cyber Incidents. [Internet]. Available from: https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Amit Singh (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
The article is distributed under the Creative Commons Attribution 4.0 License. Unless otherwise stated, associated published material is distributed under the same licence.