South Africa ranked 27th globally for data breaches in Q2 2025, according to Surfshark’s latest report revealing persistent cybersecurity gaps. The drop of six places from Q1 isn’t a win. It just means other countries got hit harder. Here, breach numbers remain stubbornly high.
Surfshark reports more than 21 000 South African accounts were breached between April and June—about three per 100 000 people. That might not sound huge until you realise South Africa has been on that list quarter after quarter. That is worrying.
Globally, breaches jumped 64 percent compared with Q1. Over 300 million accounts were leaked in three months. The usual suspects (US, Russia, China) still lead. But smaller nations like South Africa keep showing up. That should worry us all.
Surfshark’s Data Breach Monitor is great for tracking trends. But tracking isn’t enough. We have POPIA in place, but enforcement remains patchy and under‑resourced. Many local businesses treat cybersecurity as an IT checkbox—not a core priority. That’s part of the problem.
Threats are getting more sophisticated. AI‑powered phishing, large‑scale data exfiltration tools, fully resourced syndicates are now the norm—not script kiddies in basements. Cybercrime is evolving and South Africa’s defences must catch up.
This isn’t just technical. It’s reputational. It’s economic. It’s personal. Breaches undermine trust, expose citizens to identity theft, and could threaten critical services. Online public service platforms, private sector data—it’s all in play.
Fixing this isn’t optional. The government and private sector need real digital resilience. We need proactive strategies, threat‑aware culture and hardened infrastructure. Not just patching after the fact.
For more insight into local cybersecurity readiness and AI‑driven threats, see how Cisco warns South African firms are falling behind: Cisco says SA cybersecurity isn’t keeping up with AI