Global Data Breach Costs See First Decline in 5 Years, Thanks to AI and Automation

According to the Cost of a Data Breach Report 2025, the global average cost of a data breach has declined for the first time in five years, falling by 9% to USD 4.44 million. This positive trend is primarily attributed to quicker containment of breaches, a development linked to the increased use of AI and automation in security. However, this global average does not reflect the experience of all countries. In the United States, for example, the average cost of a data breach rose by 9% to a new record of USD 10.22 million, driven by higher regulatory fines and the rising costs of detection.
A significant new concern highlighted in the report is the AI Oversight Gap, where organizations are rapidly adopting AI without implementing proper security and governance policies. The data reveals that 97% of organizations that suffered an AI-related security breach lacked adequate AI access controls. Furthermore, a majority of breached organizations—63%—either do not have an AI governance policy in place or are still in the process of developing one. This lack of oversight has a direct financial impact, as breaches involving shadow AI, which is the use of AI without official company approval, added an average of USD 670,000 to the total cost of a data breach. The report also notes that attackers are increasingly leveraging AI, with approximately 16% of data breaches involving the use of AI for purposes like AI-generated phishing (37% of AI-involved breaches) and deepfake impersonation attacks (35% of AI-involved breaches).
The report also delves into the costs associated with ransomware and data types. The average cost of a ransomware attack remains high at USD 5.08 million, though more organizations are refusing to pay the ransom: the share that declined to pay rose from 59% in 2024 to 63% in 2025. Interestingly, fewer organizations are involving law enforcement, with a drop from 53% to 40% over the same period. For the 14th consecutive year, the healthcare industry faced the highest average breach costs at USD 7.42 million, largely because of the high value of compromised patient personally identifiable information (PII). Customer PII was the most commonly compromised data type, but intellectual property was the most expensive per record, costing USD 178.
Regarding attack vectors and security investments, malicious insider attacks were the most expensive initial threat vector for the second year in a row, with an average cost of USD 4.92 million. Phishing remained the most frequent attack vector, accounting for 16% of all breaches and costing an average of USD 4.8 million. The report also found a notable decline in post-breach security spending, with only 49% of organizations planning to invest in security after a breach, down from 63% last year. Of those planning to invest, less than half intend to focus on AI-driven security solutions.