Professional, Scientific and Technical Services (NAICS 54)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

Frequency

 

1,398 incidents, 423 with confirmed data disclosure

Top patterns

 

System Intrusion, Basic Web Application Attacks and Social Engineering represent 90% of breaches

Threat actors

 

External (92%), Internal (9%), Multiple (3%), Partner (2%) (breaches)

Actor motives

 

Financial (96%), Espionage (4%), Convenience (1%) (breaches)

Data compromised

 

Personal (57%), Credentials (53%), Other (25%), Internal (16%) (breaches)

What is the same?

 

System Intrusion, Basic Web Application Attacks and Social Engineering continue to be the main threats to organizations in this sector.

Summary

 

Even though the top patterns haven’t changed for this industry, this sector has experienced an increase in Ransomware over the year, with incidents following the same core vectors as the previous year.

This sector could perhaps be considered the lubricant that keeps all industries running smoothly. It consists of many disparate professions, including our lawyer friends [joke redacted by legal], accounting and various other business services. Much like the other sectors they serve, this industry is also affected by the big three patterns of System Intrusion (47%), Basic Web Application Attacks (25%) and Social Engineering (18%). 

With regard to action varieties, while we see DoS and Use of stolen creds among the top actions in Figure 59, we also see a good deal of Ransomware. This year, Ransomware accounted for approximately 23% of the incidents in this sector, which is a notable increase from last year’s 14%.

If you are wondering how these breaches occur, you need look no further than Web applications (55%), Email (25%) and Desktop sharing software (17%). Considering the frequent usage of stolen credentials and email, it might be a good time to remind folks to implement strong authentication practices and to encourage your team members to keep in mind the importance of staying diligent.

2023 Data Breach Investigations Report

Let's get started.