Arts, Entertainment and Recreation
NAICS 71

Please provide the information below to view the online Verizon Data Breach Investigations Report.

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

  • Frequency

     

    215 incidents, 96 with confirmed data disclosure

    Top patterns

     

    Basic Web Application Attacks, System Intrusion, and Miscellaneous Errors represent 80% of breaches

    Threat actors

     

    External (74%), Internal (26%) (breaches)

    Actor motives

     

    Financial (97%), Grudge (3%) (breaches)

    Data compromised

     

    Personal (66%), Credentials (49%), Other (23%), Medical (15%) (breaches)

    Top IG1 protective controls

     

    Security Awareness and Skills Training (CSC 14), Secure Configuration of Enterprise Assets and Software (CSC 4), Access Control Management (CSC 6)

    What is the same?

     

    The Patterns are the same, but the order is not. Medical data continues to be compromised in this industry.

    Summary

     

    The System Intrusion and Basic Web Application Attacks patterns exchanged positions, but the Miscellaneous Errors pattern held on to 3rd place on the podium. For incidents, Denial of Service attacks remain a problem in the sector, particularly for the Gambling industry.

  • Patterns

     

    5-Year difference

     

    3-Year difference

    Basic Web Application Attacks

     

    No change

     

    No change

    System Intrusion

     

    No change

     

    No change

    Miscellaneous Errors

     

    No change

     

    No change

  • Pattern

     

    Difference with peers

     

     

    Basic Web Application Attacks

     

    No change

     

     

    System Intrusion

     

    Less

     

     

    Miscellaneous Errors

     

    Greater

     

     

  • This industry mainly covers live performances, and whether dance, theater or sporting events, the common thread is that none are pre-recorded for later broadcast. It also includes the gambling industry. One can only imagine the different attack surfaces that are present for the myriad organization types belonging to this NAICS code. Something many of them have in common, however, is that at least a portion of their infrastructure relies on the internet to perform critical functions, whether that is ticket sales or taking orders (or bets as the case may be). In any event, when a Denial of Service attack comes calling, it is a very unwelcome guest. Nevertheless, it is a frequent guest in this sector (particularly in the Gaming organizations in the APAC region), and represents over 20% of incidents. 

    With regard to breaches, the three patterns listed in the At-a-Glance table show the vulnerability of the infrastructure beyond disruption of services. Once the attackers get in, they can wreak havoc in earnest. These attackers are largely External actors, with a Financial motive, although there are a small amount of Grudge-motivated attacks in this sector as well. 

    The inclusion of the Basic Web Application Attacks is concerning, given the less complex nature of these attacks. Conversely, the attackers have to try much harder to gain their prize in the System Intrusion attacks, where ransomware is always a favored tool. As we have seen in the past, every attacker loves credentials, and will use them to masquerade as a legitimate employee to evade capture for as long as it takes to get what they are after.

    The most commonly taken data is Personal information (although it is down from a high last year of 83%) and Credentials. Oddly enough, Medical data is still being snarfed up (technical term) in 15% of the breaches in this sector. This was similar to last year (at 26%), but it remains a puzzling data type to find in a sector that has no medical affiliation. It may be that the data taken is from companies that are self-insured for their employee medical needs, and so have a need to store that kind of data, or it could possibly be from some form for Workers Compensation data (on the job injuries). Additionally, this NAICS code includes sports teams which could account for a certain number of stolen medical records. Regardless, it is a rather counterintuitive finding

    Miscellaneous Errors remain in the top three patterns again this year (25%). The Misconfiguration error was the most common, representing approximately 15% of the breaches.  In addition to blunders with servers, it seems like this industry still has issues with sending emails to the wrong recipients.

Let's get started.