2021 Data Breach Investigations Report: 85% of breaches involved the human element

The Verizon Business 2021 Data Breach Investigations Report has been released. The report is based on 5258 violations from 83 contributors around the world, one-third more than the violations analyzed last year. The report revealed how the most common form of cyberattacks during the epidemic affected the international security situation.

The report pointed out that under the influence of remote work, violations involving phishing increased by 11% compared with last year, accounting for 36%. Ransomware also increased by 6% over the previous year, and appeared in 10% of violations; attacks on Web applications accounted for 39%.

In addition, the data also shows that 61% of vulnerabilities involve credential data; 95% of organizations that have suffered credential stuffing attacks have experienced between 637 and 3.3 billion malicious login attempts during the year. As in previous years, human negligence remains the greatest threat to security. 85% of violations involve human factors, and over 80% of violations are discovered by external parties.

There are also subtle differences between industries. In the financial and insurance industries, 83% of the leaked data is personal data; in professional, scientific, and technical services, only 49% is personal data. In the healthcare industry, basic human error continues to beset this industry as it has for the past several years. The most common Error continues to be Misdelivery (36 percent), whether electronic or of paper documents.

Divided by region, violations in the Asia-Pacific region are usually caused by financial motivations and phishing. Europe, the Middle East, and Africa continue to be affected by web application attacks, system intrusions, and social engineering attacks.