21 Startling Credit Card Data Breach Statistics (2024)

Rolex watches, diamonds, precious art? In aggregate, such items are not nearly as valuable as all the credit card data and individual account information people can steal. When thieves steal personal financial information, they have access to people’s personal details as well as their credit card account numbers. Hackers can either open up new credit accounts, charge with the credit card account numbers that are now in their possession, or even make duplicate cards. It’s a lucrative business. 

Although security systems are developed to prevent these crimes that lead to identity theft and fraudulent activity, criminals often seem to find a way around them. Here are the most significant and recent credit card data breach statistics. 

If you’re worried that credit card fraud — especially when it comes to major credit card data breaches — is increasing, the bad news is that it is. On a global scale, there has been a 46% year-over-year increase in reported credit card fraud attempts.¹

When you go into a retailer, such as a department store or a supermarket, to make a purchase with your credit card, in most cases, you will be perfectly fine. It’s when you make online purchases that the danger of data breach possibilities increases. 

Companies and individuals who sell online have the highest rates of credit card fraud. Over the past three years, e-commerce merchants have experienced a whopping 140% hike in such attacks.¹

Although credit card data breaches originate in all corners of the world, the fraud that results from it statistically lands close to home. 

People who hack into credit card accounts can do so from anywhere, but of all global credit card fraud losses, 46% come from the United States.¹

If you’re like most people, you don’t consider whether your credit card information has been tapped into by thieves, but you may be surprised to know how often it does happen. 

Globally there are 1.25 billion credit cards in circulation – and 80% of them have already been compromised due to breaches or hacks.¹

All credit card issuers have experienced some kind of data breach at various points. When it happens, it affects millions, and the card issuer has to scramble to make amends. 

For example, a class-action lawsuit was filed against Capital One, one of the top credit card issuers, for a data breach that impacted 100 million people. The company settled the case for $190 million.²

People all across the United States experience some level of credit card fraud due to hacking, but these 10 cities have taken the most losses from fraud.³

City/State	Credit Card Fraud Losses
Los Angeles, California	$629,850
Las Vegas, Nevada	$564,462
Houston Texas	$495,924
Chicago, Illinois	$493,379
Miami, Florida	$476,659
Killeen, Texas	$465,785
Bloomington, Illinois	$448,996
Springfield, Illinois	$428,313
Reno, Nevada	$428,092
Dallas, Texas	$408,931

You’re not alone if you’ve discovered that somebody has been using your account, leaving you with the bill to dispute. 

In the first half of 2023, there were 219,713 credit card fraud reports filed.⁴

In most cases, identifying who is responsible for grabbing your credit card data is nearly impossible. It could be people close to home, but also people who live very far away. 

BidenCash is a Russian-language criminal website that uses the US president’s name and likeness to trade in stolen data of 740,858 credit cards online.⁵ An additional 811,676 debit cards and 293 charge cards were also published and up for grabs. 

It may seem like credit card data breaches have been going on for decades, but it really got started when the internet took off. 

In 2005, a data breach affected over 1.4 million customers at DSW Shoe Warehouse.⁶ Customers’ credit card numbers (as well as their debit card and checking accounts) and names associated with other accounts were exposed when hackers broke into the company’s database.

When credit card data breaches result in identity theft, the victim not only has to deal with the credit and financial impact, but their emotional and physical states as well.

In 2022, the number of victims who reported experiencing negative feelings and emotions rose to 87%, and 68% reported having physical problems.⁷

Although it is impossible for individuals to stop crooks who commit data breaches, people who were victimized do tend to change their personal finance habits⁷:

• 71% put a security or a credit freeze on their credit reports
• 60% make sure they have a PIN and/or password on their phone or tablet 
• 65% check their credit reports regularly
• 49% shred documents containing their account and personal information 

Do you think computers are responsible for data breaches? Think again. Roughly 88% of all data breaches are caused by mistakes made by employees.⁸

Human error is all too often at fault for cybersecurity problems. 

As a victim of credit card fraud committed by large or small hackers, you probably want justice. Shouldn’t that person be arrested and spend time behind bars for stealing your information and running up credit card debt in your name? Unfortunately, your chances of seeing justice done are slim to none.

 Less than 1% of credit card cases are solved by the police.⁹

Ideally, a company will shut down credit card hackers immediately and notify their customers about what happened and how to react. 

But it took See Tickets, an online event ticket vendor that was hit by hackers, 2.5 years to remove the malicious code that had breached its site.¹⁰ In that time, the company concluded that unauthorized parties may have accessed customer credit card information. 

Not everybody carries the same risk of credit card fraud that can occur after a credit card data breach. People between the ages of 30 to 39 reported the most cases of fraud, at 89.17 loss reports per 100,000 people as of June 2023.¹¹ Credit card fraud is the number one type of loss reported (30%).

The median losses among the 30 to 39 age group averages $500.

Early detection is essential to converting the financial damage that results from someone else using your credit card account. Younger people may be more accustomed than those who are older to respond to alerts or spot things that are amiss in their credit reports.  

People who are at least 80 years old experienced the highest median loss due to fraud, totaling approximately $1,500 per reported incident.¹¹

Once the criminals have your credit card information, they can sell it on the dark web. The marketplace for black market credit card data is huge. 

 The cards may be sold as cloned physical cards or account information only¹²:

• $171 is the average price of a physical, cloned credit card, or $0.0575 per dollar of credit limit
• $17.36 is the average price of one stolen credit card’s information, about $0.0033 per dollar of credit limit

Credit cards that are issued by different companies have different values. 

Criminals who are interested in purchasing your credit card or account number will be willing to pay more or less, depending on the issuer¹²:

• American Express: 5.13 cents per dollar
• Discover: 6.27 cents per dollar
• Mastercard: 6.47 cents per dollar
• Visa: 5.75 cents per dollar

Criminals can really do some damage if they get your full information, called “fullz.” That would include your Social Security number, mailing address, birth date, and other personal details purchased as an add on. 

Fullz goes for approximately $30 if they purchase the physical card and less than $1 for your credit card account information.¹²

It is in the best interest of merchants and credit card issuers to take action to avoid credit card breaches. That means paying more for greater security. 

With losses so high, it’s no wonder companies want to protect their financial interests — as well as that of their customers. In fact, 51% of organizations plan to increase cybersecurity spending this year.¹³

If you’re looking for a glimmer of hope, you’ll find it in the statistics about new account fraud. It occurs when criminals use the information that is available from data hacks to open new accounts in your name. They charge with the credit card, leaving you the bill. 

Losses from new account fraud declined in 2022 by 42% to $3.2 billion.¹⁴

There are a few actions you can take to reduce the problems associated with credit card data breaches: 

• Check your credit report to detect whether somebody has opened a card in your name.
• If you see anything that seems strange, dispute it with the credit bureau immediately. 
• Only shop from secure eCommerce websites
• Change your password frequently and make sure it is extremely complicated. 
• Do not keep your passwords logged into your computer. 

And pay attention to the news. When you hear that there has been a data breach at a retailer that you frequent, or with a credit card issuer that you have, contact the company to protect your personal data. 

If you want to take additional measures, place a freeze on your credit report. This way, no one but you can access the information on your credit report, and fraudsters cannot open an account in your name. By taking a few preventative measures, you can make sure your personal and financial information is safe from hackers. 

¹ https://www.clearlypayments.com/blog/credit-card-fraud-in-2023/

² https://www.nytimes.com/2021/12/23/business/capital-one-hacking-settlement.html

³ https://upgradedpoints.com/credit-cards/credit-card-fraud-hotspots/

⁴ https://www.ftc.gov/news-events/news/press-releases/2023/02/new-ftc-data-show-consumers-reported-losing-nearly-88-billion-scams-2022

⁵ https://www.scmagazine.com/news/bidencash-card-shop-leaks-2-million-payment-card-records#

⁶ https://www.ftc.gov/news-events/news/press-releases/2005/12/dsw-inc-settles-ftc-charges

⁷ https://www.idtheftcenter.org/wp-content/uploads/2022/09/2022-Consumer-Impact-Report_V3.4_Final_Linked.pdf

⁸ https://blog.knowbe4.com/88-percent-of-data-breaches-are-caused-by-human-error

⁹ https://lanterncredit.com/credit-cards/how-credit-card-frauds-are-caught

¹⁰ https://www.bleepingcomputer.com/news/security/see-tickets-discloses-25-years-long-credit-card-theft-breach/

¹¹ https://public.tableau.com/app/profile/federal.trade.commission/viz/AgeandFraud/Infographic

¹² https://www.comparitech.com/blog/vpn-privacy/dark-web-prices/

¹³ https://securityintelligence.com/articles/cost-of-a-data-breach-2023-financial-industry/#

¹⁴ https://www.paymentsjournal.com/javelins-identity-fraud-study-highlights-the-changing-nature-of-fraud/