Cybercriminals exposed 2.8 billion consumer data records in 2018, costing over $654 billion to U.S. organizations, according to ForgeRock.

Cyberattacks to U.S. financial services organizations cost the industry over $6.2 billion in Q1 2019 alone, up from just $8 million in Q1 2018.

Even though investments in information security products and services have been on the rise, with $114 billion invested in 2018, cybercriminals continue to attack organizations across a wide spectrum of industries to gain access to valuable consumer data.

According to the research, personally identifiable information (PII) was the most targeted data for breaches in 2018, comprising 97% of all breaches. By targeting PII, cybercriminals prove that they’re hungry for consumer data and the research also found the most frequent attack method was from unauthorized access, encompassing 34% of all attacks. Healthcare, financial services and government were the sectors most largely impacted by cyberattacks.

“It’s clear from our research findings that consumer data is valuable and highly sought after by cybercriminals as well as very difficult for organizations to protect,” said Eve Maler, VP of Innovation and Emerging Technology of ForgeRock. “Organizations can protect consumer data by implementing a strong customer identity management program. Every industry has incentives to avoid brand damage and costly breaches, and so organizations must use modern identity standards and practices to secure their infrastructure, from servers all the way out to client apps and smart devices at the edge.”

Key findings: