- In the first half of 2025, there were 1,732 data compromises in the U.S. The Identity Theft Resource Center says that’s ahead of 2024’s pace and could result in a new record this year. Exactly how many people were impacted by those hacks remains unknown, however.
Hackers have been busy this year.
The Identity Theft Resource Center says it has tracked 1,732 data compromises in the first half of 2025. That’s 5% ahead of last year’s mid-year pace and could put the U.S. on track for a new record.
The bigger question on how many people were impacted by those data compromises is a bit murkier, however. The ITRC has been outspoken in recent years about transparency requirements for companies that have data compromises, urging them to report how many records were impacted.
Federal, state, and local governments, however, have not made efforts to update laws.
“Through the first half of the year, we’ve seen a continuation, and in some cases, acceleration of the trends from 2024,” said James E. Lee, President of the Identity Theft Resource Center. “Some of these trends are troubling – like the lack of transparency surrounding what caused more than two-thirds of compromises.”
The number of victim notices in the first half of the year was just shy of 166 million. That, however, represents just 12% of the victim notices issued by the mid-point of last year. That’s due, in part, to the number of mega-breaches that occurred last year (and the lack of those large-scale breaches so far in 2025).
The biggest breaches, so far, this year were to PowerSchool, which resulted in 71.9 million victim notices, and repackaged data from a 2021 attack on AT&T, which impacted nearly 44 million people.
