Transportation and Warehousing

Please provide the information below to view the online Verizon Data Breach Investigations Report.

Thank You.

Thank you.

You may now close this message and continue to your article.

  • Summary 

    Financially motivated organized criminals utilizing attacks against web applications have their sights set on this industry. But employee errors such as standing up large databases without controls are also a recurring problem. These, combined with social engineering in the forms of phishing and pretexting attacks, are responsible for the majority of breaches in this industry.


    112 incidents, 67 with confirmed data disclosure

    Top Patterns 

    Everything Else, Web Applications and Miscellaneous Errors represent 69% of breaches.

    Threat Actors

    External (68%), Internal (32%) (breaches)

    Actor Motives

    Financial (74%—98%), Espionage (1%—21%), Convenience (0%—15%) (breaches)

    Data Compromised 

    Personal (64%), Credentials (34%), Other (23%) (breaches)

    Top Controls 

    Boundary Defense (CSC 12), Implement a Security Awareness and Training Program (CSC 17), Secure Configurations (CSC 5, CSC 11)

    Data Analysis Notes

    Actor motives are represented by percentage ranges, as only 26 breaches had a known motive. Some charts also do not have enough observations to have their expected value shown.

  • The Transportation and Warehousing industry is a new one for our report. If you’re reading this report for the first time for just this reason, pull up a chair, we’re glad to have you! As you know, this industry is all about getting people and goods from point A to point B, and about storing those goods until they’re needed. Once transported, the people are usually good enough to find their own places to stay, but that’s another industry entirely.

  • All roads lead to pwnd

    What is causing breaches in this sector? Our data shows us that Web Application attacks and Miscellaneous Errors are quite common, and the Everything Else pattern is also prevalent, but more on that later (Figure 106). Web applications are a common attack across the dataset, and a fact of life in this era is that if you have an internet-facing application, someone out there will eventually get around to testing your controls for you. The Hacking, Social and Malware actions were the most common in this industry, which supports the Web Applications pattern’s prominence.

  • Figure 106
  • Keep your eyes on the road

    Miscellaneous Errors are simply a byproduct of being human—we make mistakes. The most common error in this industry was Misconfiguration, as shown in Figure 107. A typical misconfiguration error scenario is this: An internal actor (frequently a system admin or DBA) stands up a database on a cloud service without any of those inconvenient access controls one would expect to see on sensitive data. Then, an enterprising security researcher finds this instance using a search engine that is made to spot these unprotected datastores and poof, you have a breach.

    That “Everything Else” pattern mentioned earlier—it is a place we store odds and ends for attacks that don’t fit into the other attack patterns, and within this pattern lives the business email compromise (BEC). These usually come in as a phishing email, although they can also be done over the phone. The goal of the attacker is either to get data or facilitate a wire transfer to their conveniently provided bank account. These attacks are perpetrated largely by organized criminal actors with a financial motive.

    You can see in Figure 108 the most common motive of the external actors in this sector. While there are some espionage-motivated actors, they are few and far between when compared to financially motivated attackers. The data type of choice in this vertical appears to be Personal, which is being closely tailgated by Credentials.

  • Figure 107
  • Figure 108