A new study by cybersecurity company Surfshark indicates that the Philippines has seen a notable increase in data breaches this year, ranking 15th worldwide for the number of compromised accounts in the third quarter (Q3 2025).
The report states that 437,900 Filipino accounts were exposed between July and September, contributing to a global total of 90.6 million breached accounts during the same period.
While the global frequency of breaches has declined – dropping by 22.3% from the previous quarter – the Philippines experienced a 25.7% rise in breach rates. The number of compromised accounts in the country increased from 2.7 per minute in the second quarter to 3.4 per minute in the third quarter of 2025.
Surfshark’s analysis of historical data since 2004 places the Philippines as the second most affected country in Southeast Asia, with 151.3 million user accounts compromised over the years.
The report highlights that 57 million unique email addresses from the Philippines have been breached, and 75.2 million passwords associated with these accounts have also been exposed. This means that approximately half of those affected are at risk of account takeover, which could result in identity theft or other forms of cybercrime.
The study estimates that, on average, each Filipino has been affected by a data breach at least once, making the country’s exposure rate among the highest in the region.
The report draws attention to the role of artificial intelligence in amplifying the impact of data breaches.
Sarunas Sereika, senior product manager at Surfshark, explained that advancements in artificial intelligence have made it easier for threat actors to exploit data breaches.
“Previously, exploiting leaked data required significant technical skill, but AI has lowered the barrier to entry, allowing malicious actors to rapidly analyse and weaponize even seemingly insignificant data, transforming leaked names, addresses, and preferences into highly personalised attacks,” he said.
According to the study, Europe was the region most affected by data breaches in the third quarter, accounting for nearly half of all incidents.
North America and Asia followed, with the Philippines contributing to Asia’s share of 14.1 million breached accounts.
France, Germany, and the US topped the list of countries with the highest number of breaches.
Surfshark’s research defines a data breach as the unauthorised exposure of confidential information, such as email addresses, passwords, and other personal data.
The data was collected from 29,000 publicly available databases, anonymized, and statistically analysed. Only countries with populations exceeding one million were included in the review.
