India’s Data Breach Cost Hits Record Highest at Rs 220 Million in 2025, IBM Warns of Rising AI Security Gaps

India has reached a scary point in terms of cybersecurity.  According to IBM's most recent Cost of a Data Breach Report, the average cost of a data breach in the country has reached an all-time high of Rs 220 million (Rs 22 crore), which is a 13% increase over last year's Rs 195 million. But the results from this year go beyond just numbers.

IBM looked into the state of security and governance for AI for the first time. The results show that AI is becoming an enticing target for hackers as businesses race to use it without the right protections.  AI is growing quickly, while security is moving slowly.  Only 37% of businesses in India have AI access controls, while almost 60% don't have the right AI governance rules or are still writing them. Only a third of people who have policies are adopting AI governance tools.  The paper talks about Shadow AI, which is when people use AI tools without the IT department's permission. 

Shadow AI is now one of the top three reasons why a breach costs so much in India, adding around Rs 17.9 million to the damage. Even still, less than half of businesses have rules in place to find or deal with it. 

What Causes Breaches in India 

The research says that the most common cause of breaches is phishing (18%), followed by third-party vendor compromises (17%) and vulnerability exploitation (13%).  The average breach lifecycle, or the time it takes to find and fix an incident, has reduced to 263 days, which is 15 days faster than last year.  That's progress, but the cost is still considerable.  The research industry had the highest average breach expenses, at Rs 289 million. Transportation (Rs 288 million) and industrial enterprises (Rs 264 million) were close behind. 

AI Can Save Money If Used for Security

One of the most interesting things in the report is that companies that use AI-driven security automation save more than half on breach expenses.  But 73% of Indian companies that were asked stated they don't use these kinds of technologies very much or at all. 

The Cost of a Data Breach Report from IBM has looked at more than 6,500 incidents in the last 20 years. In the past, dangers were mostly physical. Now, digital, targeted attacks are the most common, and AI is now a part of the mix.  Experts say that the mix of high-value data and low governance is making it easier for attackers to get into systems since AI is being added to fundamental business processes quicker than security solutions can keep up.  The cost of breaches could go up considerably more in the next few years if things keep going the way they are now. This is only true if companies take AI governance as seriously as they do AI adoption. 

Read More: India's AI Investment to Grow 38% Annually, Agentic AI Leading