
As criminals branch out, unexpected industries are becoming their new targets.
We examined IBM’s “Cost of a Data Breach” research, grouping breach targets by year and industry to find that while the overall cost of breaches fell slightly in 2024, to $9.36 million, many industries once considered low-priority for hackers saw their costs increase.
Breach incidents cost companies across most industries more in the past year: 13 industries saw their cost per breach increase, while 4 lowered or kept their costs stable.
However, the industries seeing the biggest jumps aren’t typically associated with cybersecurity attacks. Here’s what we found.
Key Takeaways
- Where breach costs are surging: Retail, industrial, and tech industries have seen breach costs jump more than 17%.
- Industrial and tech have the highest dollar increases for breach costs, up $830K and $790K per incident.
- Customer-facing industries also see costs rising fast: Hospitality, entertainment, and professional services saw cost increases of 13%+.
- Old patterns are being replaced: Though healthcare is a typically vulnerable industry, its breach costs dropped 10.6%, indicating the industry is investing in protections.
A Rapid Rise in Retail Breach Costs, +17.6%
With a 17.6% increase from 2023 to 2024, the average cost of a breach in retail now stands at $3.48 million.
It’s a big increase for retailers: 10.6% above the all-industry average, and faster growth in breach costs than in any other industry included in the report.
This doesn’t mean more attacks, but it suggests that breaches are becoming more severe and costly.
Multiple reasons may explain retail’s faster-rising costs. But no matter the causes, retail teams must recognize that any previous immunity they had to large-scale breaches is dissipating, and it’s increasingly urgent that they address escalating breach costs.
"A minor breach can quickly escalate into a catastrophic event if left unchecked. Breaches have resulted in settlements ranging from $30 to $50 million, with customer data exposure affecting anywhere from 9 to over 300 million records. Companies that fail to invest in robust cybersecurity platforms risk prolonged recovery periods, severe financial penalties, and the erosion of customer trust. These costs far exceed the price of proactive defense." - Joshua Burgin, CPO, Upwind.
As retail organizations work to address the unique security challenges that disproportionately increase breach costs, teams in industrial and technology organizations join their retail peers in grappling with quickly escalating breach costs.
Industrial & Tech Hit with Highest Breach Cost Increase — $830K & $790K per Incident
Industrial and technology organizations’ steep rise is notable: their already high breach costs added another $830,000 and $790,000 burden per incident, respectively.
Industrial organizations in manufacturing or chemical processing and engineering are suffering from breach cost increases of 17.5%, 10.5% above the average, while technology companies, including software and hardware, saw a 17.0% increase in breach costs, landing their current incident cost 9.9% higher than the average.
While retail saw the fastest growth in breach costs, its overall breach expenses remain lower than in the industrial and tech sectors: its 2024 incident cost is $3.48 million (the second-lowest amount of any industry in the analysis). That reflects an increase of “just” $520,000 per incident.
What’s Driving Breach Cost Increases Across All Three Industries?
Though the retail industry’s breach cost remains low comparatively, it shares some characteristics with the other two industries that may be contributing to overall cost increases for all three.
These industries are collectively challenged by high operational disruption risks, complex interconnected environments, and increasing attacks by sophisticated threats, from ransomware to supply chain attacks and zero-days.
Customer-Facing Industries are Seeing 13%+ Cost Spikes
In hospitality, professional services (including legal, accounting, and consulting firms), and entertainment (from movie production to sports, gaming, and casinos), breach costs are up more than 13%.
Each industry saw its average breach cost rise considerably more than the average numeric increase of $247k per breach across the 17 industries analyzed.
| Industry | % increase | Numeric increase |
| --- | --- | --- |
| Hospitality | 13.7% | $460k |
| Professional Services | 13.6% | $610k |
| Entertainment | 13% | $470k |
| Average | 7% | $247k |
Each of these industries added more than $460,000 to the cost of a breach from 2023 to 2024. Overall, industries seeing rising costs, like consumer-facing industries with less breach history and fewer cybersecurity investments, include many sectors that have only recently begun finding themselves “easier” targets.
With vast amounts of consumer data and varying levels of cybersecurity maturity, sectors like hospitality, professional services, and entertainment are seeing themselves become the new prime targets.
But that’s only part of the story.
“Willie Sutton famously said he robbed banks "because that’s where the money is." Today’s cybercriminals follow the same logic, targeting industries like hospitality, travel, and consumer services because that’s where the data is. These businesses collect treasure troves of sensitive information - not just names and credit cards, but also customer behavior and spending patterns - making them irresistible targets.” - Joshua Burgin, CPO, Upwind
As these rapidly digitizing industries continue to scale and diversify their ecosystems, they may be seeing that breaches are increasingly likely to impact large-scale operations and systems in ways that are expensive to fix.
Breach Costs Drop in Healthcare & Government as Security Maturity Pays Off
In traditionally breach-prone healthcare, costs per breach dropped 10.6% from 2023 to 2024, more than in any other industry. And with the highest cost-per-breach of any industry, that represents a hefty $1.16 million drop in cost per incident.
Non-consumer-facing industries are overrepresented among industries that lowered their cost per breach over the same time span. For example, the highest reductions in breach costs occurred in healthcare, education, public (government and non-governmental organizations), research, and consumer goods manufacturing and distribution, all of which lowered their breach costs, with reductions averaging 9.74%.
What might account for the decline?
For one thing, while industries that handle sensitive consumer data—such as healthcare, education, government, and NGOs—have always been prime targets for breaches, many of the top cost-containing industries primarily serve government and corporate clients rather than individual consumers.
The increasing focus on consumer-facing industries suggests a shift in cybercriminal tactics, potentially indicating new motivations beyond simply obtaining sensitive data for resale on the black market.
There’s another commonality among those reducing their per-breach costs: they often represent large public and heavily regulated entities that invested early in security, while consumer-facing industries face more structural challenges and vulnerabilities.
"Consumer-facing industries are uniquely vulnerable because they're often built on a patchwork of legacy systems, outsourced IT management, and countless third-party integrations. This involves everything from payment providers to fulfillment services. Each of these components can introduce exploitable security gaps, and attackers know exactly where to look. Without a strong, centralized cybersecurity strategy, it's a game of digital whack-a-mole for these companies." - Joshua Burgin, CPO, Upwind.
So, while industries like healthcare and government might remain attractive targets for security breaches, their mature cybersecurity infrastructures have deep experience in heading off and responding to incidents. That likely helps keep the identification and remediation of threats strong. With earlier, better detection comes reduced breach costs.
The Changing Face of Breach Costs
The fact that traditionally targeted sectors like healthcare are lowering their costs per breach while others like retail, hospitality, professional services, and entertainment are seeing costs rise has implications for cybersecurity strategies moving forward.
First, even well-known targets can significantly reduce their exposure. Today, sectors like healthcare and finance can leverage regulatory mandates and proactive security measures to mitigate the financial fallout of breaches.
Meanwhile, other sectors are struggling. As healthcare reduces overall breach costs, retail is paying the price of an evolving breach landscape.
As the cost of breaches continues to climb in many industries, the disparity between retail’s increasing burden and healthcare’s success will get even slimmer — and raise critical questions: What lessons can rising-cost sectors learn from sectors like healthcare? How can these industries begin to anticipate and contain breaches before they spiral out of control?
The next phase of cybersecurity will likely be defined not just by whether organizations prevent breaches or by the number of breaches they experience, but by how well they minimize the financial and operational impact.
Methodology
We based our assessment on IBM’s 2024 “Cost of a Data Breach” research, detailing costs per breach across 17 industries in 2023 versus 2024.