The average cost of an organisation for a data breach has risen 13 per cent to Rs 22 crore in 2025 from Rs 19.5 crore in the year-ago period, according to a report released on Thursday. However, despite the surge in costs, the security in artificial intelligence is still lacking, the report by global tech major IBM said.
The average cost of data breaches in India reached $2.18 million in 2023, marking a 28 per cent increase since 2020, according to the Reserve Bank of India's (RBI) Currency and Finance report for 2023-24. The report said that India's average data breach cost was still below the global average. The most common attacks in India are phishing which was at 22 per cent and stolen or compromised credentials was 16 per cent. The automotive industry is highly vulnerable to cyber attacks, whereas the banking and financial services sector, benefiting from stringent regulations, enjoys comparatively stronger protection.
Bank of America has named Infosys McCamish Systems as a source of a data breach that it said affected 57,028 customers, as per documents submitted to the Maine Attorney General in the US. Infosys McCamish Systems (IMS) is an Infosys' step-down subsidiary. The notification, penned on behalf of Bank of America, describes the breach as an "external system breach (hacking)", while the information acquired has been mentioned as "name or other personal identifier in combination with: social security number".
The Indian rupee weakened to a record intra-day low against the US dollar due to a strengthening greenback, continuous foreign capital outflows, and elevated global crude oil prices amidst the West Asia conflict.
The Indian rupee rebounded against the US dollar after the Reserve Bank of India (RBI) restricted banks' net open positions in dollars. This move prompted banks to sell dollars, providing temporary support for the rupee amidst ongoing geopolitical tensions and rising oil prices.
Security incidents became more costly and harder to contain due to drastic operational shifts during the pandemic with the cost of data breaches to Indian organisations rising close to 18 per cent to Rs 16.5 crore on an average between May 2020 and March 2021, according to a report by IBM. The study pointed towards similar trends in other parts of the world with data breaches costing surveyed companies $4.24 million per incident on an average - the highest in the report's 17-year history.
'Why does a State that sees a national security issue at every turn not recognise the seriousness of the data from sensitive databases being breached?'
'Given the proportion of the global leak, it is very likely that the data of Indian citizens might be on the dataset.'
The average cost of a data breach in India reached Rs 17.9 crore in 2023, according to the IBM Security report that classified it as an "all-time high" for the report and almost a 28 per cent increase since 2020. The most common attack type in India was phishing (almost 22 per cent), followed by stolen or compromised credentials (16 per cent). Social engineering was the costliest root cause of breaches at Rs 19.1 crore, followed by malicious insider threats, which amounted to nearly Rs 18.8 crore.
At a time when services are rapidly digitising in India, enterprises are witnessing a rise in cases of sensitive data exposure risks and breaches.
The Home Ministry has informed a parliamentary committee that security agencies utilise open-source intelligence, including social media, for information gathering, ensuring no privacy breach as personal data is not collected.
Hacker group John Wick is said to be responsible for the Paytm Mall database breach.
Are you worried your personal information linked to Aadhar may be compromised?
The Indian rupee depreciated significantly against the US dollar, reaching a new all-time low due to rising oil prices, a strong dollar, and ongoing geopolitical concerns. Domestic equity market declines and foreign investment outflows further contributed to the rupee's weakness.
'Economic activity appears to have peaked in the second quarter of FY26, with industrial output, exports, and business confidence all softening from October 2025.'
The Indian rupee weakened against the US dollar due to a strengthening dollar, high crude oil prices, and foreign fund outflows amid geopolitical uncertainties.
Remittances from West Asia in March rose sharply amid the conflict in the region, with industry insiders estimating inflows to be 20-30 per cent higher than what is usual in a month.
Sellers downloading their monthly financial reports were served with those of other vendors, leading to a breach of competitive businesses data.
The government has raised the penalty amount to up to Rs 500 crore for violating the provisions proposed under the draft Digital Personal Data Protection Bill 2022 issued on Friday. The draft personal data protection bill in 2019 proposed a penalty of Rs 15 crore or 4 per cent of the global turnover of an entity. The draft proposes to set up a Data Protection Board of India, which will carry on functions as per the provisions of the bill.
'Periods of geopolitical uncertainty often see a rise in coordinated cyber threats, disinformation campaigns, and infrastructure targeting.'
From April 1, 2026, the Reserve Bank of India's new authentication directions modernise how every digital payment you make must be verified -- and place the burden of security squarely on your bank, not on you.
Indian companies lose over Rs 6 crore (Rs 60 million) annually to data breaches resulting from system glitches, human errors and malicious attacks, security software maker Symantec said.
The world's top brands across sectors might lose between $93 billion and $223 billion because of a data breach, a first-of-its-kind study by Interbrand and Infosys, called 'Invisible Tech, Real Impact', has found. This represents 4-9.6 per cent of their cumulative value. The study gains significance in the backdrop of yet another massive hack, this time of Microsoft's email software, which is estimated to have affected at least 60,000 known victims globally, according to Bloomberg. The study found that there is a long-term impact of data breaches on brands across sectors.
The Indian rupee weakened against the US dollar due to rising crude oil prices, geopolitical tensions in the Middle East, and foreign fund outflows.
By the time the security failure is discovered and fixed, the damage is already done. A CIO survey by Forcepoint and Frost & Sullivan found that 69 per cent of Indian organisations were at risk of data breach. Whenever there is data breach, there is a potential disaster waiting to happen.
DPDP Act (2023) gives individuals the right to decide how their personal data is collected and used. For many businesses, this means reworking longstanding data practices, notes Ravi Duvvuru.
Shadow AI, the unauthorised use of artificial intelligence tools, models, or platforms, is emerging as a new threat.
India's market regulator has found that Bank of America shared confidential details ahead of a 2024 block trade and later misled regulators during the investigation.
'One has to be very mindful because it will be applicable for big tech platforms and even for banks and insurers, whose business is completely different.'
As many as 641 customers across 19 banks have been duped of Rs 1.3 crore using stolen debit card data
If the data breach is found to be genuine, and if the company is found guilty on the grounds of dereliction of duty, or misleading the general public and the RBI about the data breach, actions taken against it will be severe, the person quoted above said.
Recently, an Air India flyer sent a legal notice to the airline seeking damages of Rs 30 lakh for the breach of personal data of 4.5 million passengers, including her husband and herself. Air India had informed the complainant of the data leak a month earlier, after it emerged that its passenger service system provider fell prey to a cyberattack in February. However, in the absence of a data protection law, India lacks a mechanism for compensation or grievance redress of consumers in such cases, say experts. Advocate Virag Gupta, a New Delhi-based cyber law expert, explains that a legal notice is a good beginning in the Air India case, but it raises many questions. These include whether sensitive personal information has been leaked and whether the airline is responsible or not, given that a passenger service system provider was also involved.
Grocery e-commerce platform BigBasket has faced a potential data breach which could have leaked details of its around two crore users, according to cyber intelligence firm Cyble. The company has filed a police complaint in this regard with the cyber crime cell in Bengaluru and is verifying claims made by cyber experts.
The notice came after reports that political parties had used the data analytics firm during elections.
When everyone has footage and no one can verify it, the loudest voice wins, notes Prem Panicker who begins a daily blog on the War in the Middle East.
It is alleged that Cambridge Analytica received data from Global Science Research which employed 'illegal means' of personal data harvesting of Indians using Facebook, they said.
British data analytics firm Cambridge Analytica is at the centre of a controversy in India, the United States and Britain after two newspapers reported on Sunday that the company harvested personal data about Facebook users beginning in 2014. How does that matter, what does it entail and should you be worried? All these answers and more, explained right here.
Cybersecurity breaches have emerged as the top risk shaping organisational performance, with 61 per cent of respondents identifying it as the primary risk, said a Ficci and EY report.
The rupee breached 90-levels against the greenback for the first time on Wednesday, falling 6 paise to 90.02 in early trade, as banks kept buying US dollars at higher levels and FII outflows continued.
It underperformed peers amid volatile capital flows and uneven forex support.
© 2026 Rediff.com - Advertise with us - Disclaimer - Privacy Policy - Sitemap - Feedback - About us - Terms of use - Grievances