A total of 41.6 million breached accounts were detected in the first quarter of 2023, which may sound like a huge figure, but is actually a significant drop, a new global report from cybersecurity experts Surfshark states.

The figure represents a 49% decrease in breached users worldwide compared to the fourth quarter of the previous year, the company says, however, despite the seemingly positive outlook, having more than 41 million breached accounts gives us very little reason to rejoice, the researchers said, adding that in some parts of the world, the number of breached accounts still rose.

The researchers are warning that cybercriminals can use stolen account information to run all kinds of scams and cyberattacks, from business email compromise, to identity theft, wire fraud, and more.

Fraud and scams

The majority of the breached accounts were located in Russia – 6.6 million. U.S. accounts were second with 5 million, followed by Taiwan (3.9m), France (3.2m), and Spain (3.2m). Taiwan experienced a major spike, with the number of breached accounts increasing 21 times quarter-on-quarter, up from 191,000 in Q4 2022.

Generally speaking, one user account was leaked every second in Q1 2023.

Europe was the only region with a “significant” increase in breached accounts, quarter-on-quarter, Surfshark stated, as the number nearly doubled from 9.9 million to 17.5 million. The number of leaked accounts in the Czech Republic increased ninefold. Still, they pale in comparison to those from Taiwan and Saudi Arabia. In these countries, there had been around 20 times more leaked accounts in Q1 2023, compared to Q4 2022. South Korea saw a 12-fold increase.