Healthcare remains the costliest industry in which to suffer a breach, with each incident costing an average of $7.42 million, IBM found in its 2025 Cost of a Data Breach report. Although healthcare has held the top spot for the 14th consecutive year, its average cost fell from $9.77 million in last year's report.
The Ponemon Institute conducted the benchmark study on behalf of IBM. The researchers examined 600 organizations that suffered data breaches across 17 industries and 16 countries between March 2024 and February 2025, and interviewed more than 3,400 security and C-suite business leaders. It is worth noting that healthcare accounts for only 2% of the organizations surveyed.
Across all industries in the report, the global average fell to $4.44 million per breach, down 9% from the 2024 report. The researchers attribute the global decline in breach costs to faster identification and containment, driven in part by AI and automation.
Despite the global savings, the US remains an expensive place to experience a data breach. This year's report shows that the average cost of a US breach rose 9% to $10.22 million, which the report attributes to regulatory fines and higher detection and escalation costs.
Key Healthcare Takeaways
Even as global breach costs decline, healthcare remains the industry hit hardest by data breaches. This suggests that while security improvements are occurring across all industries, healthcare organizations continue to face unique challenges in protecting sensitive data.
The Ponemon Institute calculates the average cost of a data breach by totaling detection and escalation costs, post-breach response, lost business, and notification costs.
In addition to being the most expensive industry, healthcare data breaches took the longest to identify and contain, at 279 days, five weeks longer than the global average.
“There are many factors that reduce the cost of breaches for healthcare organizations, which are attractive targets for attackers because of the sector's high-value data, the urgency of clinical operations, and reliance on legacy systems.
“Looking back at the most expensive healthcare breaches over the past five years, we see that the costliest breaches are those that affect the organization's own systems, third parties, and their wider ecosystems.”
Kessem noted that the long lifecycle of healthcare data breaches contributes heavily to rising costs, with each additional day of recovery driving those costs higher. Healthcare is also a highly regulated industry; regulatory fines and litigation arising from breach-related privacy violations can push costs higher still.
“Healthcare breaches take the longest to detect and contain, giving attackers more time to steal sensitive data and disrupt care,” Kessem added.
“This is where AI-powered security tools show significant ROI. Essentially, strengthening the capabilities of your security team helps you spot potential threats early, meaning that healthcare providers can respond faster and limit the damage.”
Globally, 16% of the breaches surveyed involved attackers who used AI to manipulate people. AI also plays an important role in defense, however, with 32% of respondents reporting that they use security AI and automation tools.
Alongside adopting AI-driven tools, basic security measures should remain a priority.
“Beyond detection and prevention, we need to focus on building cyber resilience, a key component in reducing breach costs,” Kessem said. “Apart from ensuring that the security architecture is in line with the organization's risk appetite, resilience means building a robust incident response plan that covers high-risk scenarios and high-value data and assets.”
Jill McKeon has been covering healthcare cybersecurity and privacy news since 2021.