In a year where AI adoption is racing ahead of regulation, IBM’s annual Cost of a Data Breach Report warns that too many companies are rolling out AI too fast – without securing it.
In fact, AI takes center stage in this year’s findings. On the upside, thanks largely to AI-powered detection and response tools, global breach costs fell to $4.44 million – the first decline in five years.
But attackers are adapting, too. AI was used in 16% of breaches, mostly to power phishing campaigns and deepfakes. Meanwhile, shadow AI – unauthorized AI tools running inside companies without security oversight – played a role in 20% of breaches. Of the companies hit by AI-related incidents, 97% lacked proper access controls.
“Most breached organizations reported they have no governance policies in place to manage AI or prevent shadow AI – the use of AI without employer approval or oversight. Both the covert use of shadow AI and the lack of governance are driving up breach costs.” – IBM, Cost of a Data Breach Report 2025
So while AI is helping defenders move faster, it’s also expanding the attack surface in ways many organizations aren’t prepared for. And the cost of that oversight gap is already showing: Despite the global decline, U.S. breach costs rose to $10.22 million, driven by regulatory penalties and slower detection.
Key Takeaways
- AI is shaping both offense and defense in cybersecurity. IBM’s 2025 report shows that while AI-driven tools helped reduce breach costs globally, attackers are now using AI in 16% of breaches to power phishing and deepfakes.
- Shadow AI is an emerging threat. Unauthorized AI tools were involved in 20% of breaches—nearly all in companies without proper access controls or governance.
- U.S. breach costs are rising despite global improvements. The average cost of a U.S. breach hit $10.22 million, driven by regulatory fines and slower detection times.
- Retail and healthcare remain prime targets. Major 2025 breaches in these sectors exposed millions of records, echoing IBM’s findings around PII, PHI, and third-party vulnerabilities.
- Bluefin’s tokenization and P2PE could mitigate breach fallout. In each of the top breaches analyzed, devaluing sensitive data at the point of entry would have reduced risk and compliance exposure.
Key Highlights From the Report:
- The average breach lifecycle dropped to 241 days, the shortest in nine years – but 76% of organizations still took more than 100 days to fully recover from a breach.
- Customer personally identifiable information (PII) was the most frequently compromised data type, involved in 53% of breaches.
- 30% of breaches involved data spread across multiple environments. These had the highest average cost at $5.05 million and the longest average lifecycle at 276 days.
- AI governance remains a major gap, with 63% of organizations lacking formal policies and only 34% conducting regular audits to detect shadow AI.
- Healthcare was the costliest sector for the 14th year: Breaches had an average cost of $7.42 million and took 279 days to detect and contain.
- Malicious insiders were the most costly attack vector overall, with breach costs averaging $4.92 million.
- Phishing was the most common cause of breaches, accounting for 16% of incidents, and remained one of the most expensive, with an average cost of $4.8 million.
- Only 49% of breached organizations planned to increase their security investments, compared to 63% the previous year.
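The "regular audits to detect shadow AI" that only 34% of organizations run can start from something as simple as an egress-proxy log review. The following Python example is added here to illustrate that audit; it is not IBM's or Bluefin's code, and the log format, usernames and service domain names are constructed for the example.

```python
import re
from collections import defaultdict
from typing import Optional

# Constructed egress-proxy log lines (not real traffic): timestamp user host bytes_sent
PROXY_LOG = """\
2025-06-03T09:12:01Z alice api.approved-ai.example 18234
2025-06-03T09:14:40Z bob chat.freeai-tool.example 90211
2025-06-03T09:15:02Z bob chat.freeai-tool.example 120433
2025-06-03T09:20:17Z carol www.intranet.example 4120
garbage line that does not parse
2025-06-03T10:01:55Z alice assistant.another-llm.example 51000
"""

# Assumed watch-list of AI/LLM service domains (constructed names) and the
# subset the organization has formally approved; the gap between the two is
# what a shadow AI audit looks for.
KNOWN_AI_SERVICES = {"approved-ai.example", "freeai-tool.example", "another-llm.example"}
APPROVED_AI_SERVICES = {"approved-ai.example"}

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\d+)$")


def ai_service_for(host: str) -> Optional[str]:
    """Return the watch-listed service a host belongs to, or None."""
    host = host.lower()
    for svc in KNOWN_AI_SERVICES:
        if host == svc or host.endswith("." + svc):
            return svc
    return None


def find_shadow_ai(log_text: str) -> dict:
    """Aggregate requests and bytes sent per (user, service) for AI services
    that are not on the approved list. Malformed lines are skipped, not fatal."""
    findings = defaultdict(lambda: {"requests": 0, "bytes_sent": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        _, user, host, sent = m.groups()
        svc = ai_service_for(host)
        if svc is None or svc in APPROVED_AI_SERVICES:
            continue
        findings[(user, svc)]["requests"] += 1
        findings[(user, svc)]["bytes_sent"] += int(sent)
    return dict(findings)


def users_to_review(log_text: str) -> list:
    """Users with unapproved AI traffic, highest upload volume first."""
    totals = defaultdict(int)
    for (user, _), stats in find_shadow_ai(log_text).items():
        totals[user] += stats["bytes_sent"]
    return sorted(totals, key=totals.get, reverse=True)
```

Bytes sent is the useful metric here: a user pushing large volumes to an unapproved assistant is the case most likely to involve customer PII or internal data.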
The Biggest Data Breaches of 2025
The headline-grabbing data breaches this year echo many of IBM’s key findings. Some of the most significant incidents to date include:
- Marks & Spencer, Co-operative Group, and Harrods
- Yale New Haven Health
- Episource
- Allianz Life
- DeepSeek
Marks & Spencer, Co-operative Group, and Harrods
Records breached: 6.5 million
In April and May 2025, the hacking group Scattered Spider targeted a number of major British retailers, including Marks & Spencer, Co-operative Group, and Harrods. M&S was hit hardest. Its systems were breached via a phishing attack, which tricked IT staff into resetting admin-level credentials at a third-party vendor.
The resulting ransomware attack disrupted e-commerce operations across more than 1,400 stores. Hackers accessed customer PII, including customer names, email addresses, birthdates, and physical addresses. The breach caused M&S an estimated £300 million in lost revenue and wiped approximately £1 billion off its market value.
How Bluefin could’ve helped: Bluefin’s vaultless tokenization could have devalued customer PII like names and addresses at the point of entry, while P2PE would have secured any cardholder data across POS and eCommerce. Together, these controls reduce the usefulness of stolen data and limit breach impact.
Yale New Haven Health
Records breached: 5.6 million
In March 2025, Yale New Haven Health experienced the biggest healthcare data breach of the year so far. Hackers accessed a shadow data surface – a lightly secured segment outside core clinical systems – and stole demographic data such as names, birthdates, contact details, medical record numbers, and Social Security numbers.
Clinical and financial systems were untouched, but the exposed PII and protected health information (PHI) still posed serious regulatory and identity theft risks – and led to federal class-action lawsuits. The healthcare system also faced the additional costs of notifying and providing identity protection services to affected patients.
How Bluefin could’ve helped: Bluefin’s ShieldConex tokenization could have protected PII and PHI in shadow environments by rendering it unreadable—even if accessed. This would significantly reduce exposure in non-clinical systems and support HIPAA compliance.
Episource
Records breached: 5.4 million
The second-largest healthcare breach of 2025 also happened early in the year when attackers breached Episource, a UnitedHealth/Optum subsidiary specializing in billing, coding, and analytics.
Unlike the Yale breach, this one exposed clinical data in addition to PII and PHI. Patients’ Medicare and Medicaid ID numbers, insurance details, diagnoses, provider names, test results, and treatment histories were among the stolen data.
Episource notified affected individuals and offered identity protection services. In June, a class-action lawsuit was filed, alleging HIPAA violations and delays in public disclosure.
How Bluefin could’ve helped: For data spanning both PII and clinical records, Bluefin’s tokenization and encryption could have neutralized the risk by protecting data at ingestion across payment, demographic, and treatment systems—while preserving workflow integrity for healthcare analytics.
Allianz Life
Records breached: 1.4 million
In July 2025, insurance giant Allianz Life suffered a social engineering attack. Posing as IT staff, attackers tricked a third-party vendor used by Allianz into granting them access.
Allianz’s internal systems – including policy administration and financial platforms – were not directly breached, but attackers exfiltrated sensitive PII, including names, dates of birth, addresses, email addresses, phone numbers, policy identifiers, and Social Security numbers.
Allianz offered affected individuals identity monitoring and credit protection. In late July, a class-action lawsuit was filed alleging HIPAA violations, delayed breach notification, and insufficient security controls.
How Bluefin could’ve helped: Bluefin’s tokenization and P2PE would have devalued the sensitive PII accessed through a third-party vendor, minimizing exposure in the event of vendor-side compromise and aligning with privacy and compliance requirements.
DeepSeek
Records breached: 1 million
In January 2025, AI startup DeepSeek suffered a major breach when a misconfigured database was left publicly accessible – no password required. Over 1 million sensitive records were exposed, including user chat histories, API authentication tokens, backend credentials, and internal logs.
The incident revealed sensitive operational data that could have allowed attackers to manipulate systems or extract further information from connected environments. The breach triggered platform-wide service interruptions and regulatory scrutiny that forced DeepSeek to suspend global signups.
How Bluefin could’ve helped: If DeepSeek had implemented vaultless tokenization, even a misconfigured database wouldn’t have exposed meaningful information. Tokens would replace sensitive values like chat logs or credentials, making leaked records useless to attackers.
Turning Breach Lessons into Action
IBM’s 2025 Cost of a Data Breach Report paints a clear picture: while AI-powered tools are helping defenders detect threats faster, attackers are leveraging the same technology via phishing, deepfakes, and shadow AI to outpace outdated defenses. The biggest breaches of 2025 confirm this trend, showing how fast-moving threats exploit unsecured environments, third-party vendors, and valuable personal data.
Retailers suffered massive losses due to phishing-based third-party attacks while healthcare saw millions of records with PII and PHI stolen from overlooked systems. Even an AI company like DeepSeek wasn’t immune, exposing sensitive operational data through a misconfigured, unprotected database.
Across industries, the common thread is the same: sensitive data remains too easy to steal – and too valuable when breached.
What’s Next In Data Breach Risk?
As organizations race to adopt AI and modern infrastructure, the cyber threat landscape is evolving just as quickly. Looking ahead, the next phase of breach risk will be shaped by several accelerating trends:
- AI Arms Race: While AI-powered defense tools are improving detection, threat actors are adopting generative AI to automate phishing, clone voice and video, and bypass authentication. Shadow AI will remain a weak spot unless organizations implement strict governance policies.
- Expanding Attack Surfaces: The move toward cloud, edge computing, and embedded finance means sensitive data now travels across more systems and vendors. Weak links like misconfigured databases or unsecured APIs will remain high-value targets for attackers.
- Data Fragmentation and Interoperability Gaps: The increasing use of third-party platforms, IoT devices, and hybrid environments makes it harder to enforce consistent security and compliance policies. Breaches involving data across multiple environments are already the costliest.
- Privacy Regulations Catching Up: With growing public concern over AI and data misuse, regulations like GDPR, CCPA, and new global frameworks will introduce stricter requirements for encryption, access controls, and breach response.
To stay ahead, enterprises must go beyond perimeter defenses and rethink their approach to data itself. Devaluing sensitive data at the point of entry, through tokenization and encryption, limits its usefulness even if breached. Bluefin’s PCI-validated P2PE and ShieldConex® vaultless tokenization help organizations enforce consistent data protection across channels and environments.
Data breaches aren’t going away — but the damage they cause doesn’t have to be inevitable.
How Bluefin Devalues Data and Derails Breaches
Attacks are evolving, but many modern breaches simply exploit existing risks. Bluefin’s data security solutions are purpose-built to neutralize these risks. With Bluefin’s PCI-validated point-to-point encryption (P2PE) and ShieldConex® vaultless tokenization, organizations can devalue sensitive data – like PII, PHI, and payment information – by converting it into unreadable, unusable code the moment it enters their system. This way, even if hackers break in, the stolen data is worthless to them.
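To make the point-of-entry idea concrete, here is an added Python example of key-based, format-preserving tokenization applied to identifiers such as Social Security and medical record numbers as a record is ingested. It is not Bluefin's ShieldConex code and not the standard FF1 construction: the Feistel permutation below is a toy built for illustration, and the key, record layout and field names are assumptions. The stored record holds only tokens; reversing them requires the key, which never sits beside the data.

```python
import hashlib
import hmac

# Assumed key held by the tokenization service; it never sits beside the data.
SERVICE_KEY = b"constructed-demo-key-do-not-reuse"
ROUNDS = 8  # must be even so both halves end up back in their original slots


def _prf(key: bytes, rnd: int, half: int, ndigits: int) -> int:
    """Keyed round function: HMAC over (round, other half), reduced to ndigits."""
    digest = hmac.new(key, f"{rnd}:{half}".encode(), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % (10 ** ndigits)


def _feistel(key: bytes, digits: str, reverse: bool) -> str:
    """Toy unbalanced Feistel permutation over a decimal string: same length,
    all digits, reversible with the key alone (illustrative, not a vetted cipher)."""
    n = len(digits)
    u, v = n // 2, n - n // 2
    a, b = int(digits[:u]), int(digits[u:])
    for i in (range(ROUNDS - 1, -1, -1) if reverse else range(ROUNDS)):
        m = u if i % 2 == 0 else v  # length of the half produced in round i
        if reverse:
            a, b = (b - _prf(key, i, a, m)) % 10 ** m, a
        else:
            a, b = b, (a + _prf(key, i, b, m)) % 10 ** m
    return f"{a:0{u}d}{b:0{v}d}"


def _transform(key: bytes, value: str, reverse: bool) -> str:
    # Only the digits are permuted; separators and letter prefixes stay in place.
    digits = "".join(ch for ch in value if ch.isdigit())
    if len(digits) < 2:
        raise ValueError("need at least two digits to tokenize")
    out = iter(_feistel(key, digits, reverse))
    return "".join(next(out) if ch.isdigit() else ch for ch in value)


def tokenize_record(key: bytes, record: dict, fields: set) -> dict:
    """Replace the named identifier fields with tokens at the point of entry."""
    return {k: _transform(key, v, False) if k in fields else v for k, v in record.items()}


def detokenize_record(key: bytes, record: dict, fields: set) -> dict:
    """Recover the originals; only a holder of the key can do this."""
    return {k: _transform(key, v, True) if k in fields else v for k, v in record.items()}
```

A dump of the database behind this would show rows like {"ssn": "4810-..."}-style tokens that look valid, match the original format, and mean nothing without the key held by the tokenization service.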
In a landscape where lightly secured systems are often the first target, devaluing data remains one of the most powerful defenses you can deploy. Read IBM’s full report and get in touch with Bluefin to safeguard your most sensitive data.
Data Breach FAQs
What is the IBM Cost of a Data Breach Report?
IBM’s 2025 Cost of a Data Breach Report found that the global average cost dropped to $4.44 million, marking the first decline in five years. However, in the United States, the average breach cost rose to $10.22 million, driven by regulatory penalties and slower detection times.
How is shadow AI contributing to recent data breaches?
AI is having a dual impact. While AI-powered detection tools helped reduce breach costs, attackers are using AI in 16 percent of breaches to fuel phishing campaigns and create deepfakes. Additionally, shadow AI was involved in 20 percent of breaches and often operated without proper access controls.
Why is shadow AI a concern for organizations?
Shadow AI refers to unauthorized AI tools running within organizations without formal oversight. In the IBM report, 97 percent of AI-related breaches occurred in companies lacking proper access controls, and 63 percent had no formal AI governance policies in place.
What types of data are most commonly compromised?
Customer personally identifiable information (PII) was the most frequently compromised, involved in 53 percent of breaches. Healthcare-related breaches also exposed protected health information (PHI) and clinical data.
Which industries faced the most costly breaches in 2025?
Healthcare was the most expensive industry for breaches for the 14th consecutive year, with average breach costs of $7.42 million and a containment timeline of 279 days. Retail also experienced large-scale incidents, often driven by phishing and third-party vulnerabilities.