141 million breached files reveal significant data exposure.
Update, July 29, 2025: This article, initially published on July 28, has been revised to include additional details from the Anatomy of a Data Breach report, which reviewed 141 million compromised files across 1,257 breach incidents, and insights from a newly released Zscaler threat report.
The frequency of data breaches continues to rise, now underscored by an alarming analysis revealing 141 million files across 1,257 breaches, including numerous ransomware attacks. In the broader landscape of cybersecurity threats, this figure may not seem substantial, particularly when juxtaposed against staggering statistics like the leakage of 16 billion login credentials or the 184 million plaintext passwords now available online. The proliferation of readily accessible infostealers, which can be obtained for as low as $30 a month, underscores the alarming trend that these breach numbers may continue to rise. The significance of the 141 million compromised files lies not purely in their volume, but rather in the sensitivity of the data contained therein. This extensive analysis represents what is being described as the “largest content-level examination of breached datasets” and highlights the imperative need for vigilance.
The Largest Content-Level Data Breach Analysis
The Anatomy of a Data Breach report released by Lab 1 unveils the findings from this extensive evaluation, which meticulously examined 141,168,340 records across 1,297 ransomware and data breach incidents. This evaluation stands out in that it went beyond the typical focus on structured data dumps, typically concerned with credential exposure. Rather, according to Robin Brattel, CEO of Lab 1, it concentrated on assessing unstructured files that often harbor highly sensitive information, including cryptographic keys, customer account data, and sensitive commercial contracts.
The analysis has illuminated the extensive risks posed by such breaches. Financial documents were implicated in 93% of incidents, with these documents comprising 41% of all files analyzed. Moreover, bank statements appeared in nearly half of the examined breaches, while International Bank Account Numbers were identified in 36% of the datasets. Additionally, personally identifiable information (PII) linked to customers and corporations was present in 82% of these cases, with 67% of that PII arising from customer service interactions. Alarmingly, email leaks that contained U.S. social security numbers surfaced in over half of the incidents, and cryptographic keys capable of bypassing authentication were discovered in 18% of the breaches. Code files contributed to 17% of the exposed data.
Brattel highlighted a concerning trend, noting that cybercriminals are increasingly operating like data scientists, exploiting gathered insights to bolster cyberattacks and fraud. As such, it is critical for organizations to deepen their understanding of the nature of data leaks and the potential ramifications for ongoing attacks, including who might be at risk as a result.
The Impact of Data Demand on Ransomware Growth
Further insights were provided by the Zscaler ThreatLabz report published on July 29, which revealed how the demand for compromised data is shaping the ransomware landscape. According to Deepen Desai, Executive Vice President of Cybersecurity at Zscaler, ransomware tactics are evolving to prioritize extortion over encryption. The adoption of Generative AI by threat actors has led to more targeted and effective attacks, amplifying the urgency for organizations to reassess their cybersecurity strategies.
This heightened demand for data has been a significant factor in the rise of ransomware incidents, with Zscaler reporting an alarming 146% increase year-over-year in their cloud protections against ransomware attacks. This escalation marks a strategic pivot for ransomware groups, now focusing more on extorting data rather than encrypting systems. This shift resulted in a staggering 92% increase in the volume of stolen data—rising from 123 TB to 238 TB among ten major ransomware groups within the past year.
