The average cost of an organisation for a data breach has risen 13 per cent to Rs 22 crore in 2025 from Rs 19.5 crore in the year-ago period, according to a report released on Thursday. However, despite the surge in costs, the security in artificial intelligence is still lacking, the report by global tech major IBM said.
The average cost of data breaches in India reached $2.18 million in 2023, marking a 28 per cent increase since 2020, according to the Reserve Bank of India's (RBI) Currency and Finance report for 2023-24. The report said that India's average data breach cost was still below the global average. The most common attacks in India are phishing which was at 22 per cent and stolen or compromised credentials was 16 per cent. The automotive industry is highly vulnerable to cyber attacks, whereas the banking and financial services sector, benefiting from stringent regulations, enjoys comparatively stronger protection.
Bank of America has named Infosys McCamish Systems as a source of a data breach that it said affected 57,028 customers, as per documents submitted to the Maine Attorney General in the US. Infosys McCamish Systems (IMS) is an Infosys' step-down subsidiary. The notification, penned on behalf of Bank of America, describes the breach as an "external system breach (hacking)", while the information acquired has been mentioned as "name or other personal identifier in combination with: social security number".
Security incidents became more costly and harder to contain due to drastic operational shifts during the pandemic with the cost of data breaches to Indian organisations rising close to 18 per cent to Rs 16.5 crore on an average between May 2020 and March 2021, according to a report by IBM. The study pointed towards similar trends in other parts of the world with data breaches costing surveyed companies $4.24 million per incident on an average - the highest in the report's 17-year history.
'Why does a State that sees a national security issue at every turn not recognise the seriousness of the data from sensitive databases being breached?'
'Given the proportion of the global leak, it is very likely that the data of Indian citizens might be on the dataset.'
'Economic activity appears to have peaked in the second quarter of FY26, with industrial output, exports, and business confidence all softening from October 2025.'
The average cost of a data breach in India reached Rs 17.9 crore in 2023, according to the IBM Security report that classified it as an "all-time high" for the report and almost a 28 per cent increase since 2020. The most common attack type in India was phishing (almost 22 per cent), followed by stolen or compromised credentials (16 per cent). Social engineering was the costliest root cause of breaches at Rs 19.1 crore, followed by malicious insider threats, which amounted to nearly Rs 18.8 crore.
At a time when services are rapidly digitising in India, enterprises are witnessing a rise in cases of sensitive data exposure risks and breaches.
Hacker group John Wick is said to be responsible for the Paytm Mall database breach.
Are you worried your personal information linked to Aadhar may be compromised?
India's market regulator has found that Bank of America shared confidential details ahead of a 2024 block trade and later misled regulators during the investigation.
The government has raised the penalty amount to up to Rs 500 crore for violating the provisions proposed under the draft Digital Personal Data Protection Bill 2022 issued on Friday. The draft personal data protection bill in 2019 proposed a penalty of Rs 15 crore or 4 per cent of the global turnover of an entity. The draft proposes to set up a Data Protection Board of India, which will carry on functions as per the provisions of the bill.
Sellers downloading their monthly financial reports were served with those of other vendors, leading to a breach of competitive businesses data.
DPDP Act (2023) gives individuals the right to decide how their personal data is collected and used. For many businesses, this means reworking longstanding data practices, notes Ravi Duvvuru.
The world's top brands across sectors might lose between $93 billion and $223 billion because of a data breach, a first-of-its-kind study by Interbrand and Infosys, called 'Invisible Tech, Real Impact', has found. This represents 4-9.6 per cent of their cumulative value. The study gains significance in the backdrop of yet another massive hack, this time of Microsoft's email software, which is estimated to have affected at least 60,000 known victims globally, according to Bloomberg. The study found that there is a long-term impact of data breaches on brands across sectors.
Indian companies lose over Rs 6 crore (Rs 60 million) annually to data breaches resulting from system glitches, human errors and malicious attacks, security software maker Symantec said.
Shadow AI, the unauthorised use of artificial intelligence tools, models, or platforms, is emerging as a new threat.
'One has to be very mindful because it will be applicable for big tech platforms and even for banks and insurers, whose business is completely different.'
Cybersecurity breaches have emerged as the top risk shaping organisational performance, with 61 per cent of respondents identifying it as the primary risk, said a Ficci and EY report.
By the time the security failure is discovered and fixed, the damage is already done. A CIO survey by Forcepoint and Frost & Sullivan found that 69 per cent of Indian organisations were at risk of data breach. Whenever there is data breach, there is a potential disaster waiting to happen.
'In any aviation emergency, the first rule is aviate -- fly the aircraft.' 'The fact that the commander's voice is not on the recording simply means he was focused entirely on flying. It does not imply anything more than that.'
It underperformed peers amid volatile capital flows and uneven forex support.
The rupee breached 90-levels against the greenback for the first time on Wednesday, falling 6 paise to 90.02 in early trade, as banks kept buying US dollars at higher levels and FII outflows continued.
Companies, particularly those that are notified as Significant Data Fiduciaries, will have to make extensive investments in data mapping, process modification, consent management tools, tools to enable Data Principal Rights, and establish a well-structured Data Privacy Officer organisation.
As many as 641 customers across 19 banks have been duped of Rs 1.3 crore using stolen debit card data
If the data breach is found to be genuine, and if the company is found guilty on the grounds of dereliction of duty, or misleading the general public and the RBI about the data breach, actions taken against it will be severe, the person quoted above said.
Recently, an Air India flyer sent a legal notice to the airline seeking damages of Rs 30 lakh for the breach of personal data of 4.5 million passengers, including her husband and herself. Air India had informed the complainant of the data leak a month earlier, after it emerged that its passenger service system provider fell prey to a cyberattack in February. However, in the absence of a data protection law, India lacks a mechanism for compensation or grievance redress of consumers in such cases, say experts. Advocate Virag Gupta, a New Delhi-based cyber law expert, explains that a legal notice is a good beginning in the Air India case, but it raises many questions. These include whether sensitive personal information has been leaked and whether the airline is responsible or not, given that a passenger service system provider was also involved.
ICICI Bank, Eternal, Titan, Adani Ports, Tata Consultancy Services and UltraTech Cement were also among the laggards. However, InterGlobe Aviation, Tech Mahindra, Hindustan Unilever and Bajaj Finance were among the gainers.
IPL champions RCB have proposed the installation of 300-350 AI-enabled cameras at the venue and offered to bear the estimated cost of Rs 4.50 crore for this crowd management initiative.
Grocery e-commerce platform BigBasket has faced a potential data breach which could have leaked details of its around two crore users, according to cyber intelligence firm Cyble. The company has filed a police complaint in this regard with the cyber crime cell in Bengaluru and is verifying claims made by cyber experts.
From the 30-Sensex firms, Tata Steel, Asian Paints, Trent, State Bank of India, Hindustan Unilever, UltraTech Cement, ICICI Bank and Bharti Airtel were among the gainers. On the other hand, Infosys, Bajaj Finance, Bharat Electronics, Larsen & Toubro and HDFC Bank were the laggards.
The notice came after reports that political parties had used the data analytics firm during elections.
'A solid motor, once ignited, burns until the propellant is exhausted. It cannot simply stop mid-burn,' said a retired senior ISRO official. 'That is what makes this failure puzzling.' Venkatachari Jagannathan reports on the latest PSLV failure.
When it eventually releases, Jana Nayagan is expected to have an opening day collection close to -- or even above -- Rs 100 crore, largely because it is being promoted as Vijay's final movie before he focuses entirely on politics.
It is alleged that Cambridge Analytica received data from Global Science Research which employed 'illegal means' of personal data harvesting of Indians using Facebook, they said.
British data analytics firm Cambridge Analytica is at the centre of a controversy in India, the United States and Britain after two newspapers reported on Sunday that the company harvested personal data about Facebook users beginning in 2014. How does that matter, what does it entail and should you be worried? All these answers and more, explained right here.
Gold and silver prices are poised to maintain their record-setting rally in the coming week as investors focus on global inflation data and key macroeconomic indicators that shape central bank policy paths, analysts said.
The Indian rupee, swaying through multiple headwinds, tiding over global trade disruptions and massive foreign fund outlfows, is unlikely to arrest its descent until tariff impact overhangs, notwithstanding robust domestic macroeconomic tailwinds. The Reserve Bank of India (RBI), which sees the rupee's depreciation as a silver bullet to offset the tariff shock, expects the currency to find its stable course once India reaches a trade deal with its largest trading partner, the US.
According to the sources, the claim suggests that the attackers may have compromised personal information related to defence personnel, including the login credentials.
© 2026 Rediff.com - Investor Information - Advertise with us - Disclaimer - Privacy Policy - Sitemap - Feedback - About us - Terms of use - Grievances