The Ultimate Guide to Credit Cards
Tuesday, February 20, 2024

21 Startling Credit Card Data Breach Statistics (2024)

Credit Card Data Breach Statistics
Erica Sandberg

Written by: Erica Sandberg

Erica Sandberg
Erica Sandberg

Erica Sandberg is a consumer finance expert and journalist whose articles and insights are featured in publications such as the Wall Street Journal, Reuters, MarketWatch, Forbes, and MSN Money. An experienced media host, she's led many financial programs, including her podcast, "Adventures With Money." She's appeared on Fox, CNN, "EconTalk" and "The Dr. Drew Podcast," and has been the resident money and credit authority for KRON-4 News in San Francisco for more than 10 years. Her book "Expecting Money: The Essential Financial Plan for New and Growing Families" was first released in 2008, and the 2017 edition is out now.

See full bio »

Edited by: Lillian Guevara-Castro

Lillian Guevara-Castro
Lillian Guevara-Castro

Lillian Guevara-Castro brings more than 30 years of editing and journalism experience to the CardRates team. She has written and edited for major news organizations, including The Atlanta Journal-Constitution and the New York Times, and she previously served as an adjunct journalism instructor at the University of Florida. Today, Lillian edits all CardRates content for clarity, accuracy, and reader engagement.

See full bio »

Reviewed by: Ashley Fricker

Ashley Fricker
Ashley Fricker

Ashley Fricker has more than a decade of experience as a finance contributor and editor, and has specialized in the credit card industry since 2015. Her credit card commentary is featured on national media outlets that include CNBC, MarketWatch, Investopedia, and Reader's Digest, among many others. She has worked closely with the world’s largest banks and financial institutions, up-and-coming fintech companies, and press and news outlets to curate comprehensive content and media. Ashley holds a bachelor's degree in multimedia journalism from Florida Atlantic University.

See full bio »

Opinions expressed here are ours alone, and are not provided, endorsed, or approved by any issuer. Our articles follow strict editorial guidelines and are updated regularly.

Rolex watches, diamonds, precious art? In aggregate, such items are not nearly as valuable as all the credit card data and individual account information people can steal. When thieves steal personal financial information, they have access to people’s personal details as well as their credit card account numbers. Hackers can either open up new credit accounts, charge with the credit card account numbers that are now in their possession, or even make duplicate cards. It’s a lucrative business. 

Although security systems are developed to prevent these crimes that lead to identity theft and fraudulent activity, criminals often seem to find a way around them. Here are the most significant and recent credit card data breach statistics. 

1. 46% Reported Annual Increase of Credit Card Fraud

If you’re worried that credit card fraud — especially when it comes to major credit card data breaches — is increasing, the bad news is that it is. On a global scale, there has been a 46% year-over-year increase in reported credit card fraud attempts.1

2. Online Retailers Are Hit Hardest By Hackers

When you go into a retailer, such as a department store or a supermarket, to make a purchase with your credit card, in most cases, you will be perfectly fine. It’s when you make online purchases that the danger of data breach possibilities increases. 

Companies and individuals who sell online have the highest rates of credit card fraud. Over the past three years, e-commerce merchants have experienced a whopping 140% hike in such attacks.1

3. 46% of Card Fraud Losses Occur in the US

Although credit card data breaches originate in all corners of the world, the fraud that results from it statistically lands close to home. 

Global Card Fraud Losses Graphic

People who hack into credit card accounts can do so from anywhere, but of all global credit card fraud losses, 46% come from the United States.1

4. 80% of Cards in Circulation Have Been Compromised

If you’re like most people, you don’t consider whether your credit card information has been tapped into by thieves, but you may be surprised to know how often it does happen. 

Globally there are 1.25 billion credit cards in circulation – and 80% of them have already been compromised due to breaches or hacks.1

5. Capital One Settled a Data Breach Class-Action Suit to the Sum of $190M

All credit card issuers have experienced some kind of data breach at various points. When it happens, it affects millions, and the card issuer has to scramble to make amends. 

For example, a class-action lawsuit was filed against Capital One, one of the top credit card issuers, for a data breach that impacted 100 million people. The company settled the case for $190 million.2

6. Los Angeles Has Experienced the Most Card Fraud Losses

People all across the United States experience some level of credit card fraud due to hacking, but these 10 cities have taken the most losses from fraud.3

City/StateCredit Card Fraud Losses
Los Angeles, California$629,850
Las Vegas, Nevada$564,462
Houston Texas$495,924
Chicago, Illinois$493,379
Miami, Florida$476,659
Killeen, Texas$465,785
Bloomington, Illinois$448,996
Springfield, Illinois$428,313
Reno, Nevada$428,092
Dallas, Texas$408,931
Source: UpgradedPoints.com

7. More than 200,000 Card Fraud Reports Already Filed in the First Half of 2023

You’re not alone if you’ve discovered that somebody has been using your account, leaving you with the bill to dispute. 

In the first half of 2023, there were 219,713 credit card fraud reports filed.4

8. More Than 740,000 Credit Card Accounts Compromised by BidenCash

In most cases, identifying who is responsible for grabbing your credit card data is nearly impossible. It could be people close to home, but also people who live very far away. 

BidenCash is a Russian-language criminal website that uses the US president’s name and likeness to trade in stolen data of 740,858 credit cards online.5 An additional 811,676 debit cards and 293 charge cards were also published and up for grabs. 

9. DSW Shoe Warehouse Was the First Large Credit Card Breach Target

It may seem like credit card data breaches have been going on for decades, but it really got started when the internet took off. 

DSW Data Breach Graphic

In 2005, a data breach affected over 1.4 million customers at DSW Shoe Warehouse.6 Customers’ credit card numbers (as well as their debit card and checking accounts) and names associated with other accounts were exposed when hackers broke into the company’s database.

10. The Majority of Identity Theft Victims Suffer Emotional and Physical Effects

When credit card data breaches result in identity theft, the victim not only has to deal with the credit and financial impact, but their emotional and physical states as well.

In 2022, the number of victims who reported experiencing negative feelings and emotions rose to 87%, and 68% reported having physical problems.7

11. The Most Common Actions People Take After Identity Theft 

Although it is impossible for individuals to stop crooks who commit data breaches, people who were victimized do tend to change their personal finance habits7:

  • 71% put a security or a credit freeze on their credit reports
  • 60% make sure they have a PIN and/or password on their phone or tablet 
  • 65% check their credit reports regularly
  • 49% shred documents containing their account and personal information 

12. 88% of Data Breaches Result From Employee Mistakes

Do you think computers are responsible for data breaches? Think again. Roughly 88% of all data breaches are caused by mistakes made by employees.8

Data Breaches Due to Human Error Graphic

Human error is all too often at fault for cybersecurity problems. 

13. Less Than 1% of Hackers are Caught

As a victim of credit card fraud committed by large or small hackers, you probably want justice. Shouldn’t that person be arrested and spend time behind bars for stealing your information and running up credit card debt in your name? Unfortunately, your chances of seeing justice done are slim to none.

 Less than 1% of credit card cases are solved by the police.9

14. One Breach Lasted More Than 2 Years

Ideally, a company will shut down credit card hackers immediately and notify their customers about what happened and how to react. 

But it took See Tickets, an online event ticket vendor that was hit by hackers, 2.5 years to remove the malicious code that had breached its site.10 In that time, the company concluded that unauthorized parties may have accessed customer credit card information. 

15. 30-Somethings Report Highest Incidences of Card Fraud

Not everybody carries the same risk of credit card fraud that can occur after a credit card data breach. People between the ages of 30 to 39 reported the most cases of fraud, at 89.17 loss reports per 100,000 people as of June 2023.11 Credit card fraud is the number one type of loss reported (30%).

30 to 39 Age Group Fraud Losses

The median losses among the 30 to 39 age group averages $500.

16. Ages 80 and Up Experience the Highest Losses from Credit Card Fraud

Early detection is essential to converting the financial damage that results from someone else using your credit card account. Younger people may be more accustomed than those who are older to respond to alerts or spot things that are amiss in their credit reports.  

People who are at least 80 years old experienced the highest median loss due to fraud, totaling approximately $1,500 per reported incident.11

17. The Price of Your Credit Card Data on the Dark Web

Once the criminals have your credit card information, they can sell it on the dark web. The marketplace for black market credit card data is huge. 

 The cards may be sold as cloned physical cards or account information only12:

  • $171 is the average price of a physical, cloned credit card, or $0.0575 per dollar of credit limit
  • $17.36 is the average price of one stolen credit card’s information, about $0.0033 per dollar of credit limit

18. Criminals Pay the Most for Mastercard Data

Credit cards that are issued by different companies have different values. 

Criminals who are interested in purchasing your credit card or account number will be willing to pay more or less, depending on the issuer12:

  • American Express: 5.13 cents per dollar
  • Discover: 6.27 cents per dollar
  • Mastercard: 6.47 cents per dollar
  • Visa: 5.75 cents per dollar

19. The Going Rate For Your Personal Info is $30

Criminals can really do some damage if they get your full information, called “fullz.” That would include your Social Security number, mailing address, birth date, and other personal details purchased as an add on. 

Fullz goes for approximately $30 if they purchase the physical card and less than $1 for your credit card account information.12

20. 51% of Organizations Plan to Take Greater Measures to Prevent Data Breaches 

It is in the best interest of merchants and credit card issuers to take action to avoid credit card breaches. That means paying more for greater security. 

With losses so high, it’s no wonder companies want to protect their financial interests — as well as that of their customers. In fact, 51% of organizations plan to increase cybersecurity spending this year.13

21. And Finally, New Account Fraud Declined by 42%

If you’re looking for a glimmer of hope, you’ll find it in the statistics about new account fraud. It occurs when criminals use the information that is available from data hacks to open new accounts in your name. They charge with the credit card, leaving you the bill. 

Losses from new account fraud declined in 2022 by 42% to $3.2 billion.14

What Consumers Can Do to Minimize the Impact of Data Breaches

There are a few actions you can take to reduce the problems associated with credit card data breaches: 

  • Check your credit report to detect whether somebody has opened a card in your name.
  • If you see anything that seems strange, dispute it with the credit bureau immediately. 
  • Only shop from secure eCommerce websites
  • Change your password frequently and make sure it is extremely complicated. 
  • Do not keep your passwords logged into your computer. 

And pay attention to the news. When you hear that there has been a data breach at a retailer that you frequent, or with a credit card issuer that you have, contact the company to protect your personal data. 

If you want to take additional measures, place a freeze on your credit report. This way, no one but you can access the information on your credit report, and fraudsters cannot open an account in your name. By taking a few preventative measures, you can make sure your personal and financial information is safe from hackers. 

Sources:

1 https://www.clearlypayments.com/blog/credit-card-fraud-in-2023/

2 https://www.nytimes.com/2021/12/23/business/capital-one-hacking-settlement.html

3 https://upgradedpoints.com/credit-cards/credit-card-fraud-hotspots/

4 https://www.ftc.gov/news-events/news/press-releases/2023/02/new-ftc-data-show-consumers-reported-losing-nearly-88-billion-scams-2022

5 https://www.scmagazine.com/news/bidencash-card-shop-leaks-2-million-payment-card-records#

6 https://www.ftc.gov/news-events/news/press-releases/2005/12/dsw-inc-settles-ftc-charges

7 https://www.idtheftcenter.org/wp-content/uploads/2022/09/2022-Consumer-Impact-Report_V3.4_Final_Linked.pdf

8 https://blog.knowbe4.com/88-percent-of-data-breaches-are-caused-by-human-error

9 https://lanterncredit.com/credit-cards/how-credit-card-frauds-are-caught

10 https://www.bleepingcomputer.com/news/security/see-tickets-discloses-25-years-long-credit-card-theft-breach/

11 https://public.tableau.com/app/profile/federal.trade.commission/viz/AgeandFraud/Infographic

12 https://www.comparitech.com/blog/vpn-privacy/dark-web-prices/

13 https://securityintelligence.com/articles/cost-of-a-data-breach-2023-financial-industry/#

14 https://www.paymentsjournal.com/javelins-identity-fraud-study-highlights-the-changing-nature-of-fraud/