Data Breach Cost by Industry
IBM's 2024 Cost of a Data Breach Report. Per-record costs and why each industry pays more — or less.
Per-Record Cost — IBM 2024
Healthcare
IBM 2024 — ranked by per-record cost
$10.93
per record
Healthcare data is the most valuable on the dark market — a full medical record sells for $250–$1,000 vs $5 for a credit card. HIPAA mandates extensive notification and remediation. Patient care disruption creates massive operational liability. Healthcare has been #1 for 14 consecutive years.
Key Regulations
Notable Breaches
- — Change Healthcare ($2.45B, 2024)
- — Anthem ($260M, 2015)
- — Community Health Systems (4.5M records)
Financial Services
IBM 2024 — ranked by per-record cost
$5.97
per record
Financial data carries immediate fraud risk, driving rapid regulatory response. PCI DSS compliance failures trigger steep fines. Customer churn is severe — people close accounts after breaches. Banks face card reissuance costs of $5–$15 per card.
Key Regulations
Notable Breaches
- — JPMorgan Chase ($1B, 2014)
- — Capital One ($300M, 2019)
- — Equifax ($1.4B, 2017)
Pharmaceutical
IBM 2024 — ranked by per-record cost
$4.82
per record
Pharma breaches often involve proprietary drug formulas and clinical trial data — intellectual property loss adds massive value beyond PII. Regulatory scrutiny is high, and patient safety implications elevate breach severity.
Key Regulations
Notable Breaches
- — Merck NotPetya ($1.35B, 2017)
- — Pfizer employee data leak (2020)
Technology
IBM 2024 — ranked by per-record cost
$4.97
per record
Tech companies hold massive volumes of third-party customer data, creating supply chain liability. High-value IP (source code, AI models) amplifies damage beyond PII. Sophisticated attackers target tech firms as stepping stones to customers.
Key Regulations
Notable Breaches
- — SolarWinds ($90M, 2020)
- — LastPass ($100M, 2022)
- — MOVEit ($2.7B industry-wide, 2023)
Energy
IBM 2024 — ranked by per-record cost
$4.78
per record
Critical infrastructure status means breaches can trigger national security responses. Operational technology (OT) / SCADA systems intertwine with IT, extending blast radius. Physical safety implications raise regulatory scrutiny significantly.
Key Regulations
Notable Breaches
- — Colonial Pipeline ($4.4M ransom, 2021)
- — Ukraine power grid attacks (2015, 2016)
Retail
IBM 2024 — ranked by per-record cost
$2.96
per record
Retail typically holds payment card data with lower per-record value than healthcare. High volume partially offsets lower per-record cost. PCI DSS provides a clear compliance framework. Customer churn is moderate as loyalty is often price-driven.
Key Regulations
Notable Breaches
- — Target ($292M, 2013)
- — Home Depot ($198M, 2014)
- — TJX ($256M, 2007)
Education
IBM 2024 — ranked by per-record cost
$3.58
per record
Education records contain long-lived sensitive data — SSNs, financial aid, mental health records — that persists for decades. Under-resourced IT departments create vulnerability. FERPA compliance adds notification requirements.
Key Regulations
Notable Breaches
- — Los Angeles Unified School District (2022)
- — Lincoln College (forced closure 2022)
Government
IBM 2024 — ranked by per-record cost
$2.6
per record
Lower per-record cost but enormous volumes and political consequences. Government breaches can compromise national security. Remediation is slow due to procurement processes. OPM breach affected 21.5M people with clearance data.
Key Regulations
Notable Breaches
- — OPM (21.5M records, 2015)
- — SolarWinds / US agencies (2020)
Manufacturing
IBM 2024 — ranked by per-record cost
$3.28
per record
Manufacturing breaches increasingly target OT/ICS systems. IP theft of product designs, processes, and formulas is the primary risk. Supply chain disruption costs multiply quickly. Ransomware impact on production lines can cost millions per day.
Key Regulations
Notable Breaches
- — Honda (EKANS ransomware, 2020)
- — Norsk Hydro ($52M, 2019)
Calculate your industry's specific breach cost
Use IBM 2024 data to estimate your organization's financial exposure in minutes.
Open the Calculator →