Cybercrime has become a growing threat to businesses, schools, and individuals all over the United States, with more than $12.5 billion in potential losses incurred in the last year alone. But some states are bearing the brunt of the financial losses - is your state one of them? 

Oliver Page, CEO of CyberNut, delves into the top ten U.S. states that experienced the highest cybercrime losses in 2023, exploring the potential reasons behind these staggering figures. 

10. Washington

Washington's thriving tech industry makes it a prime target for cybercriminals. Oliver Page says, ‘With major tech companies like Microsoft and Amazon headquartered here, the state holds vast amounts of valuable data.’ Attacks on these giants and smaller businesses contributed to the state's losses in 2023, which amounted to over $288 million.

9. Georgia 

Atlanta's status as a significant financial hub plays a role in Georgia's cybercrime losses, which reached over $300 million last year. Oliver Page notes, ‘The state houses numerous banks and financial institutions, attracting cybercriminals seeking to exploit vulnerabilities in the financial sector.’

8. Arizona

Arizona's growing population and businesses make it susceptible to cyber threats. Small to medium-sized companies, often with fewer cybersecurity resources, become easy targets. The state's focus on healthcare and education makes it a prime target for ransomware attacks.

Arizona lost over $320 million to cybercrimes last year.

7. Illinois 

Illinois, particularly Chicago, is a center for business and commerce. The state's diverse economy, including finance, healthcare, and manufacturing, offers cybercriminals a variety of lucrative targets. Cybercrimes in Illinois in 2023 reached over $335 million.

6. Pennsylvania 

‘Pennsylvania's large number of healthcare providers and insurance companies make it a prime target for data breaches,’ said Oliver Page. Cybercriminals exploit vulnerabilities in these sectors to steal sensitive information, leading to significant financial losses. In 2023, these losses amounted to some $360 million.

5. New Jersey

New Jersey, in fifth place, experienced over $441 million in cybercrime losses, potentially due to its proximity to New York and its own thriving financial and pharmaceutical sectors. 

4. New York

Oliver Page says, ‘New York, the fourth-highest state, suffered nearly $750 million in losses, reflecting its status as a global financial hub and the presence of numerous high-profile companies and organizations, all of whom are a prime target for cybercriminals.’ 

3. Florida 

Florida ranks third, with nearly $875 million suffered in cybercrime losses. ‘The state's reliance on tourism, real estate, and financial services, as well as its large elderly population, make it vulnerable to scams and data breaches,’ Oliver Page says. 

2. Texas 

The state of Texas comes in second with over $1.02 billion in losses, likely due to its large population, diverse economy, and significant presence in industries like energy, finance, and healthcare, all of which are prime targets for cyberattacks. 

1. California 

California tops the list as the state with the highest cybercrime losses in 2023, reaching a staggering amount of nearly $2.16 billion. 

Oliver Page notes, ‘This can be attributed to the state's large population (the largest in the U.S.), thriving tech industry, and high concentration of affluent individuals and businesses, making it an attractive target for cybercriminals.’ 

Cybercrime’s Devastating Impact

These staggering cybercrime losses have a significant impact on the overall economy and financial system. Oliver Page says, ‘The theft of sensitive data, financial fraud, and disruption of critical infrastructure can lead to decreased consumer confidence, higher insurance premiums, and increased costs in every area for businesses and individuals.’

To mitigate these risks, businesses, organizations, and individuals in these high-risk states should implement robust cybersecurity measures, such as:

• Regularly updating software and systems to address known vulnerabilities.

• Implementing strong access controls, including multi-factor authentication and password management.

• Providing comprehensive cybersecurity training for employees to recognize and respond to phishing attempts and other social engineering tactics.

• Regularly backing up data and testing incident response plans to ensure business continuity in the event of a breach.

• Cyber insurance should be considered to transfer some of the financial risk associated with cyber threats.