Data breaches are on the rise.
Data breaches and attempted data breaches doubled between 2022 and 2023.
According to the 17th-annual Data Breach Investigations Report (DBIR) from Verizon Business, there were a record-high 30,458 security incidents and 10,626 confirmed data breaches in 2023—a two-fold increase over 2022.
Verizon Business analysis indicates the exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches. This spike was driven primarily by the increasing frequency of attacks targeting vulnerabilities on unpatched systems and devices (zero-day vulnerabilities) by ransomware actors, according to the study.
Verizon Business says so far, threat actors have not adopted artificial intelligence (AI) in a widespread manner because a general failure of organizations to patch basic vulnerabilities has eliminated the need for more advanced cyberattack methods.
Other findings
- On average, it takes organizations 55 days to remediate 50% of critical vulnerabilities following the availability of patches. Meanwhile, the median time for detecting mass exploitations of patch vulnerability on the Internet is five days.
- In 2023, 15% of breaches involved a third party, including data custodians, third-party software vulnerabilities, and other direct or indirect supply chain issues. This metric shows a 68% increase from 2022.
- About seven in 10 breaches (68%), whether they include a third party or not, involve a non-malicious human element, which refers to a person making an error or falling prey to a social engineering attack. This percentage is about the same as 2022.
- One-third (32%) of all breaches involved some type of extortion technique, including ransomware.
- During the past two years, roughly a quarter (between 24% and 25%) of financially motivated incidents involved pretexting (using a false narrative to gain a victim’s trust and manipulate them into enabling a cyberbreach).
- Over the past 10 years, the use of stolen credentials has appeared in three in 10 (31%) of all breaches.
- Half of the breaches in Europe-Middle East-Africa (EMEA) region are internal.
- Espionage attacks continued to dominate in the Asia-Pacific (APAC) region.
"The exploitation of zero-day vulnerabilities by ransomware actors remains a persistent threat to safeguarding enterprises," said Chris Novak, senior director of cybersecurity consulting, Verizon Business. "The persistence of the human element in breaches shows that there is still plenty of room for improvement with regard to cybersecurity training."
Survey: Consumers respond negatively to retailer breaches
According to a recent survey of more than 1,000 U.S. consumers from threat intelligence solution provider Cyberint, more than 60% of respondents are likely to stop shopping with a retailer following a data breach.
This figure rises to three-quarters (74%) of higher-income respondents who said they would stop shopping with a retailer post-data breach.