India’s data breach cost jumps to ₹22 crore, highest on record: IBM

The financial fallout from cyberattacks in India has reached its highest level on record, with the average total organisational cost of a data breach climbing to ₹22 crore in 2025—13% higher than last year—according to the latest Cost of a Data Breach Report by IBM Security.

The study, conducted by the Ponemon Institute and sponsored by IBM Security, examined hundreds of confirmed breaches worldwide between March 2024 and February 2025. The 2025 edition marks the steepest annual increase for India since the report began tracking the country in 2015.

The rise in costs underscores both the growing complexity of cyber incidents and the heightened value of sensitive data within India’s rapidly expanding digital economy.

Global AI adoption outpaces AI security

Beyond cost metrics, the IBM report highlights a new emerging risk: artificial intelligence. While AI adoption for business functions is accelerating globally, security and governance frameworks are lagging.

The research found that, although AI-related breaches still represent a small share of total incidents, the lack of adequate safeguards could expose organisations to higher risks in the coming years.

“Organisations are embracing AI for innovation, but our data shows security measures have not kept pace,” IBM Security stated in the report. “This imbalance may lead to more costly breaches as AI-powered attacks evolve.”

In India, the average breach now costs substantially more than the ₹19.5 crore recorded in 2024. The report attributes the spike to multiple factors: the growing scale of data stored digitally, higher regulatory penalties under the Digital Personal Data Protection Act, 2023, and the expenses associated with lengthy breach detection and containment.

The average time to identify and contain a breach in India stood at 292 days—nearly a month longer than the global average of 265 days. IBM found that organisations able to contain breaches in under 200 days saved, on average, ₹4.3 crore compared to those with longer response times.

Cloud and ransomware remain costly

The 2025 findings show that 82% of Indian breaches involved data stored in the cloud. While cloud adoption has transformed efficiency for enterprises, the report warns that poorly configured or unmonitored cloud environments remain a top attack vector.

Ransomware attacks were responsible for roughly one in four breaches in India, with an average incident cost of ₹24.5 crore—about 11% higher than the cost of non-ransomware breaches.

Consistent with prior years, healthcare remained the most expensive sector for breaches in India, with average costs exceeding ₹31 crore per incident. Financial services followed at ₹28 crore, reflecting the critical nature of the data involved and the stringent compliance requirements for recovery.

“These are industries where the breach of even a single data record can have far-reaching consequences, both financially and reputationally,” IBM’s report noted.

AI and automation can cut breach costs

One of the more positive insights from the report is the cost-saving potential of AI-driven security tools. Indian organisations that deployed extensive AI and automation for threat detection and response saved an average of ₹3.1 crore compared to those with limited AI capabilities.

However, the study cautions that simply adopting AI tools without robust governance, ethical frameworks, and trained personnel could create new vulnerabilities.

The enforcement of India’s data protection law, with penalties of up to ₹250 crore per incident for non-compliance, has amplified the cost of breaches. Alongside direct costs such as forensic investigations, legal fees, and system remediation, IBM identified customer attrition and reputational harm as major contributors to financial loss.

Cybersecurity experts say the report’s findings should act as a “red flag” for corporate India. “The rate at which breach costs are rising in India is alarming,” said Mumbai-based cybersecurity consultant Sriram Lakshmanan in a separate interview with Bloomberg. “Proactive defence and incident readiness are far cheaper than damage control after the fact.”

A call for proactive cyber resilience

IBM recommends embedding security into every stage of the software development lifecycle, increasing investment in employee training, and implementing zero-trust architectures to limit the potential impact of breaches.

With India now a central player in the global digital economy—and a correspondingly attractive target for cybercriminals—the 2025 breach cost figures point to an urgent need for robust defences. As IBM warns, inaction is likely to cost organisations far more than prevention.