Kasey Cromer, Netlok | October 6, 2025
Executive Summary
2025 is setting new records for cyberattacks, with over 16 billion passwords exposed and more than half of data breaches involving personally identifiable information (PII). Given increased regulatory scrutiny, increasing penalties, customer-facing risks, combined with new methods to protect yourself, every digital service user should take proactive steps to protect themselves.[1][2][3]
1. Data Breach by the Numbers
Defining Personally identifiable information (PII): PII is any type of data that can be used to distinguish or trace an individual’s identity by itself or when combined with other information. This includes direct identifiers—like full names, Social Security numbers, passport information, or biometric data (e.g., fingerprints, facial scans), and indirect ones—such as date of birth, race, gender, or place of birth that when combined with other data, can reveal the identity of a person.[4][5][6] Sensitive PII includes information like financial details, medical records, driver license numbers, phone numbers and email addresses, making this data highly valuable to cybercriminals. Protecting PII is crucial to prevent identity theft and unauthorized use.
Metrics for 2024 | Value | Source |
Passwords exposed | 16 billion | [1] |
Global cost per breach | $4.88M | [2] |
U.S. cost per breach | $9.36M | [7] |
Breaches exposing PII | 53% | [3] |
Average cost per PII record | $173-$189 | [3] |
Regulatory fines (32% of orgs) | $100,000+ | [8] |
Breach Volume Trends 2021-2025 |
Data Breaches by Year: |
2021: ████████████ 1,100 |
2022: ██████████████ 1,400 |
2023: ████████████████ 1,700 |
2024: █████████████████████ 2,100 |
2025 YTD: █████████████████████████ 2,500 |
2. Who Gets Hurt—and How?
Victims of recent breaches recount losing retirement savings, having mortgage applications denied, and enduring relentless phishing and fraud attacks. A Connecticut bank customer saw their information used to open credit cards. Another family faced insurance fraud after health data was leaked. The takeaway, even when attackers don’t steal money immediately, is that exposed personal information often causes financial, emotional, and reputational turmoil for years.[9][10]
“The shift we’re seeing in 2025 is from passive acceptance of breaches to active customer empowerment. New regulations, better insurance options, and innovative authentication technologies are giving consumers real tools to protect themselves—but only if they use them.”
— Industry perspective from leading cybersecurity analysts[2][3]
3. Salesforce as Case Study—But Risks Are Everywhere
The high-profile Salesforce breach, in 2025, impacted thousands of organizations, exposing credentials and customer data through a third-party integration. Yet these methods—phishing, stolen PII, exploiting software integrations—also enable attacks on hospitals, insurers, banks, universities, and government offices across the globe. Every digital user is potentially a target.[11][12][13]
Attack Vectors by Industry (2025) |
Industry Breakdown of Data Breaches: |
Healthcare 35% ███████████████████████████████████ |
Financial 28% ████████████████████████████ |
Retail/E-comm 22% ██████████████████████ |
Government 10% ██████████ |
Other 5% █████ |
4. Regulation & Insurance: What Changed in 2025
Regulatory Breach Notice Deadlines—At a Glance
State/Regulation | Deadline |
NY, CA | Immediate |
Oklahoma | 48 hours |
HIPAA (all U.S. healthcare) | Up to 60 days |
5. Emotional & Financial Toll: Human Stories Matter
Exposed PII allows cybercriminals to send customized scam emails, create socially engineered support lines, and commit medical or financial fraud in victims’ names. Victims often spend months, sometimes years, repairing records, refuting fraudulent activity, and regaining lost access. For most simple cases, recovery is possible within weeks to a few months, but for a substantial minority, especially those involving government fraud or major financial harm, the process can extend for 1-2 years or longer. [18]
Average Recovery Timeline After Breach |
Timeline to Full Recovery: |
Day 0 ▓ Breach Detection |
Days 1-7 ▓▓▓ Notification Period |
Days 7-30 ▓▓▓▓▓▓▓ Account Security Measures |
Days 30-90 ▓▓▓▓▓▓▓▓▓▓▓▓▓ Credit Monitoring Setup |
Months 3-24 ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ Full Recovery Process |
6. What Every Customer Should Do
Within 24 hours of breach notice:
Within 48 hours:
Week 1:
First month:
Ongoing:
7. Why Passwords Are the Problem—and Photolok Is the Solution
Traditional passwords remain the weakest link in cybersecurity, with 88% of web application attacks exploiting stolen credentials.[3] That’s why at Netlok, we’ve developed Photolok—a revolutionary visual authentication system that eliminates passwords entirely.
How Photolok Protects You:
Visual Authentication
Instead of typing passwords that can be stolen, you select encrypted photos from Photolok’s proprietary library and log in to your private account. Hackers can’t use what they can’t steal.
One-Time Use Photos
Each photo can be set for single use, expiring after login. Even if someone sees you authenticate, they can’t reuse that image.
Duress Protection
Select a special “duress photo” to silently alert authorities or trusted contacts if you’re forced to log in under threat—a feature no password can offer.
Easy Setup & Management
Built for Everyone
From tech-savvy professionals to seniors who struggle with passwords, Photolok’s intuitive design makes strong security accessible to all users.
Real-World Impact:
When the recent Salesforce breaches exposed consumer passwords, Photolok users remained protected. You can’t phish a photo that changes with each login.
Ready to move beyond passwords? Learn more about Photolok or Request a Demo to see how visual authentication can protect your accounts today.
8. The Path Forward
Data breaches aren’t slowing down—they’re accelerating. But customers don’t have to be victims. Through vigilance, advocacy, and adoption of advanced authentication solutions like Photolok, every user can take control of their digital security.
Author & Credentials
Kasey Cromer is Director of Customer Experience at Netlok, focused on authentication, incident response, and SaaS security for over a decade.
Resources
Published September 2025. Content reviewed quarterly for accuracy and compliance. Netlok’s Photolok solution is featured as an innovative approach to password-free authentication in the evolving cybersecurity landscape.
Your Personal Data Was Just Stolen: Here’s Your 24-Hour Response Plan
Kasey Cromer, Netlok | October 6, 2025 Executive Summary 2025 is setting new records for cyberattack[...more]
Wrench attacks average more than 1 incident per week in 2025
K. Cromer, Netlok 9/8/2025 This analysis builds on Netlok’s ongoing research into wrench attac[...more]
Measuring MFA’s Defensive Muscle in 2025
A.R. Perez, Netlok. 7/8/2025 Multi-factor authentication (MFA) was once hailed as a near-perfect shi[...more]
The Rise of Deepfakes and Synthetic IDs Challenge Biometric Login Solutions
A.R. Perez, Netlok, July 1,2025 Understanding the Threat Landscape The emergence of sophisticated de[...more]
Password Theft Enables Faster and Broader User Exploitation
A.R. Perez, Netlok, June 2025 To enhance their performance, bad actors favor methods that increase t[...more]
Hackers Prefer Password Theft to Direct Technical Exploits
A.R. Perez, Netlok, June 24, 2025 Like most people and organizations, cybercriminals value their tim[...more]
How Crime-As-A-Service Has Turned Hacking Into A Subscription Business
A.R. Perez, Netlok, June 17, 2025 The pace of technological change is accelerating crime. For exampl[...more]
Why Family Offices Remain Unprepared Despite High Cyberattack Risks
A.R. Perez, Netlok, June 12, 2025 Despite facing significant cybersecurity threats, many family offi[...more]
Is Privacy Dead?
A. Perez, Netlok, 6/9/2025 Supreme Court Allows DOGE Access to Social Security Database: Privacy Imp[...more]