Information
NAICS 51

Please provide the information below to view the online Verizon Data Breach Investigations Report.

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

  • Frequency

     

    2,561 incidents, 378 with confirmed data disclosure

    Top patterns

     

    System Intrusion, Basic Web Application Attacks, and Miscellaneous Errors represent 81% of breaches

    Threat actors

     

    External (76%), Internal (24%) (breaches)

    Actor motives

     

    Financial (78%), Espionage (20%), Ideology (1%), Grudge (1%) (breaches)

    Data compromised

     

    Personal (66%), Other (35%), Credentials (27%), Internal (17%) (breaches)

    Top IG1 protective controls

     

    Security Awareness and Skills Training (CSC 14), Secure Configuration of Enterprise Assets and Software (CSC 4), Access Control Management (CSC 6)

    What is the same?

     

    Surprisingly, over the last five years Social breaches have remained roughly the same. This may be because Social breaches are targeting customers resulting in Hacking breaches (which have also stayed pretty level) to the company due to stolen credentials.

    Summary

     

    System Intrusion moves ahead of Errors and Basic Web Application Attacks to claim the top spot this year in breaches, meanwhile DDoS maintains its top position in incidents. Malware has seen a noticeable rise over the past two years, while Errors appear to be on the down swing since their rise five years ago.

  • Patterns

     

    5-Year difference

     

    3-Year difference

    Basic Web Application Attacks

     

    No change

     

    No change

    Miscellaneous Errors

     

    Greater

     

    Less

    System Intrusion

     

    Greater

     

    Greater

  • Pattern

     

    Difference with peers

     

     

    System Intrusion

     

    No change

     

     

    Basic Web Application Attacks

     

    Greater

     

     

    Miscellaneous Errors

     

    Greater

     

     

  • Last year, not unlike your boss at your last performance review, we highlighted the Errors in the Information industry. However, as we can see in Figure 88, there has been clear progress that we can put on the mid-year review. Errors have experienced a decline since their upswing half a decade ago in 2017.

  • To maintain the balance however, malware has seen a measurable increase over the last two years. That is reflected in Figure bbf55dbd. System Intrusion has jumped to the top in this vertical, even rising above Basic Web Application Attacks.

    One interesting effect of having System Intrusion in the number one position is that the Information industry contains a smorgasbord of Action varieties. Use of stolen creds is the most common, but after that, a legion of varieties are present, with Ransomware, Misconfiguration, Backdoor or C2, and Export Data appearing in more than 4% of breaches. In fact, Information is tied for 2nd place in industries by the number of varieties above 4% at 17 different action varieties.

    Figure 90 illustrates the top incidents, dominated by DDoS attacks and System Intrusions (which are driven by Ransomware). Please be sure not to forget about DDoS–while it is relatively easy to mitigate, it has certainly not gone away. 

    Finally, Figure 91 provides a look into something else that’s easy to forget: botnets. The information industry takes the top spot in botnets for the second year running. Botnet breaches are often masked at the victim organization because they only see the malicious login, and not that the bot also stole the credentials.

Let's get started.