The Average American Had Personal Information Stolen at Least 4 Times in 2019

Over the past decade or so you’ve probably noticed the increasing frequency of major data breaches around the world. There have been at least 200 documented data breaches since 2005, and the number of records exposed is only on the rise as more folks move their lives online. With more people transitioning facets of their lives online in the context of the “stay home” orders of the 2020 pandemic, these numbers of are sure to climb even higher in years to come. Doesn’t help to think that these are also the times where people find themselves shorter in cash and struggling to make basic payments such as their mortgages.

But how is all of this affecting the average American consumer? We wanted to take a snapshot of 2019 to see how likely it is that your data was misused at least once just last year. We compiled public data breach information from several sources and determined that the average American had their data stolen at least four times last year. That’s a breach of your personal information every three months.

It’s impossible to know the impact and extent to which data breaches are occurring as many almost certainly go unreported. Here are some of the data breaches we analyzed in our research:

Data Breaches Affecting Americans in 2019

First American Corporation885,000,000
Facebook (1)540,000,000
Facebook (2)267,000,000
Capital One106,000,000
Quest Diagnostics11,900,000
Adobe Inc.7,500,000
Facebook (3)1,500,000

Methodology & Limitations

There are many variables at play when determining how many times your data may have been compromised last year. Folks who use the internet more often, log in to a large number of accounts each day or aren’t online much at all have different risks. We calculated the probability of your data having been stolen last year but cannot account for personal factors that might change your individual exposure to a data breach.

These breaches vary in severity by the number of records exposed, the sensitivity of the data exposed, as well as what types of data were compromised. For example the Microsoft security lapse in 2019 was merely a temporary public “exposure” of records with no evidence found that the data had been stolen. That’s different than Facebook’s multiple data breaches last year that left a tranche of personal information exposed with documented, ongoing use of said data.

Protecting Yourself Online

As more of our lives move to the online world, that data becomes a bit of a liability. Security software and data security tactics seems to always be at least one step behind potential breaches, and as humans (including humans at major companies) we all make mistakes. The most common outlets for breached data were Social Media Sites, Tech (Apps, other software) and Websites (including online retail) so take care to only use your passwords once on each site so that a single personal data exposure doesn’t expose your entire online world. A password manager or even Chrome’s internal system can help you do organize strong passwords.

In the end, though what makes these data breaches so scary and infuriating, is that we want and sometimes need to trust companies such as Facebook, Adobe and First American with our personal information. Personal digital hygiene would not have prevented many of these back-end data breaches but it can help minimize the impact.