A data breach is a security incident where unauthorized individuals gain access to, steal, or expose confidential data (such as personal, financial, or intellectual property) without permission.
Last week Friday, February 23, Amazon’s threat-intelligence disclosed that a Russian-speaking threat actor used commercial gen AI tools to breach 600 Fortinet firewalls across 55 countries from mid-January to mid-February.
Global breach data show that the United States alone accounts for 23.5 billion leaked records in total since 2004 —roughly half of all exposures among the world’s top 10 most-breached nations.
Meanwhile, while Russia, despite being a major perpetrator of cyberattacks, ranks second with 8.8 billion of its own records compromised, at 61 per capita.
TL;DR
- Over the past 21 years, the United States has leaked more than 4.47 billion email accounts and 3.5 billion other personal records.
- Between Q1 2024 and Q3 2025, the top 10 most breached countries accounted for over 50 billion exposed records.
The data for this explainer was drawn from SurfShark and accessed via Statista.
Ranked: Exposed Email Accounts and Other Personal Records By Country (Q1 2024 – Q3 2025)
The table below shows the number of email accounts and other personal records exposed in data breaches for the top 10 countries.
All values are expressed in millions to reflect the scale of global data exposure.
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Country | Leaked Data Points (Email Accounts) | Leaked Data Points (Other Personal Records) |
|---|---|---|---|---|---|---|---|
| 1 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | United States | 4,468.21 | 18,988.97 |
| 2 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | Russia | 3,313.39 | 5,483.87 |
| 3 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | China | 1,975.89 | 3,024.13 |
| 4 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | France | 703.91 | 1,857.77 |
| 5 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | India | 636.66 | 1,698.65 |
| 6 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | Brazil | 437.95 | 1,414.74 |
| 7 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | Germany | 418.37 | 1,219.07 |
| 8 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | United Kingdom | 380.59 | 1,215.83 |
| 9 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | Canada | 340.34 | 769.12 |
| 10 | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | emmanuel-ashemiriogwa | 27/02/2026 12:43 AM | Italy | 263.04 | 755.18 |
The AI-Powered Fortinet Breach
Between mid-January and mid-February 2026, a Russian-speaking threat actor compromised more than 600 FortiGate firewalls across 55+ countries using commercial generative AI tools.
What makes this campaign alarming is its simplicity: most breaches exploited weak configurations, not advanced vulnerabilities.
In practical terms, the attackers were walking through doors left unlocked.
Generative AI tools handled nearly every stage of the operation, from scanning and scripting to credential extraction, VPN automation, and operational checklists.
Tasks that once required large, coordinated groups were executed by a low- to medium-skilled actor.
After gaining access, the attacker stole full device configurations, including passwords and network maps, and attempted to penetrate Active Directory and backup systems.
Some targets resisted, their patched systems or basic defenses forcing the attacker to abandon operations, while some were easier to get into.
For a company like Amazon, this level of access could expose internal credentials, disrupt services, and put user data at risk.
The campaign shows that AI can easily be used to industrialize cyberattacks.
The 21-Year Context
The FortiGate breach didn’t happen in a vacuum.
It’s part of a much larger, long‑running, two-decade-old trend. Data exposures have steadily ballooned, and recent figures show they’re still accelerating.
Between 2004 and October 2025, the United States recorded the highest number of leaked records online, with more than 4 billion email accounts and 18 billion other personal records exposed.
That’s roughly half of all records among the top 10 most affected countries, according to SurfShark.
In total, the top 10 account for over 50 billion leaked records between Q1 2024 and Q3 2025, a volume that makes the U.S. share look disproportionate.
Meanwhile, Russia, a nation frequently associated with state‑linked cyber activity, ranks second with about 3 billion leaked emails and 5 billion other records exposed.
Ironic that the same country often fingered as a source of attacks also appears near the top of exposure lists.
The American Breach Catastrophe
Since 2004, the United States has seen over 4.47 billion email accounts and 3.5 billion other personal records exposed online.
That averages out to roughly 13 email accounts and 70 personal records per American, meaning that every person has, on average, multiple pieces of personal information leaked over the past 21 years.
This volume alone surpasses the combined totals of the next five most affected countries, showing just how concentrated data exposure is in the U.S.
The numbers reflect a pattern of persistent vulnerability, in which everyday consumer emails, financial identifiers, and personal records are repeatedly compromised by malicious actors.
What this shows is sobering.
Over two decades, billions of exposures have highlighted systemic weaknesses in cybersecurity practices across both public and private sectors.
The fact that one country accounts for nearly half of all top‑10 breaches explains why identity theft, phishing, and fraud remain pervasive, and underscores how ordinary Americans are caught in a continuous cycle of digital risk.
ELI5
Over two decades, billions of emails and personal records have been exposed worldwide, with the United States alone responsible for nearly half of the top 10 breaches.
AI-augmented attacks recently targeted hundreds of FortiGate firewalls, showing how automated tools now let even low-skilled actors access massive amounts of data quickly and globally.
Sources:
SurfShark | Statista | Amazon Press Release