-
Frequency
1,241 incidents, 282 with confirmed data disclosure
Top patterns
System Intrusion, Basic Web Application Attacks, and Miscellaneous Errors represent 80% of breaches
Threat actors
External (75%), Internal (25%) (breaches)
Actor motives
Financial (95%), Espionage (5%) (breaches)
Data compromised
Personal (63%), Credentials (41%), Other (23%), Internal (10%) (breaches)
Top IG1 protective controls
Security Awareness and Skills Training (CSC 14), Access Control Management (CSC 6), Secure Configuration of Enterprise Assets and Software (CSC 4)
What is the same?
This industry continues to be impacted by attacks targeting their external infrastructure and are largely targeted by External actors with Financial motives. However, Educational Services also faces accidents as one of the top causes of breaches." We say 'this industry' too much in the summary.
Summary
Educational Services follows an eerily similar trend to the majority of the other industries; it is experiencing a dramatic increase in Ransomware attacks (over 30% of breaches). In addition, this industry needs to protect itself against stolen credentials and phishing attacks potentially exposing the personal information of its employees and students.
Educational Services
NAICS 61
- 2022 DBIR
- Master Guide
- Introduction
- Summary of Findings
- Results and Analysis Intro
- Results and Analysis - Intro to Patterns
- Results and Analysis - Not the Human Element
- Results and Analysis - Basic Web Application Attacks
- Industries
- Intro to Industries
- Accommodation and Food Services Data Breaches
- Arts and Entertainment Data Breaches
- Data Breaches in Education
- Financial Services Data Security Breaches
- Healthcare Data Breaches
- Information Industry Data Breaches
- Data Breaches in Manufacturing Industries
- Data Breaches in Energy & Utilities Industries
- Professional Services Data Breaches
- Public Administration Data Breaches
- Retail Data Breaches and Security
- Small Business Data Breach Statistics
- Intro to Regions
- Wrap Up
- Appendices
- Corrections
- Download the full report (PDF)
Please provide the information below to view the online Verizon Data Breach Investigations Report.
Thank You.
Thank you.
You will soon receive an email with a link to confirm your access, or follow the link below.
Thank you.
You may now close this message and continue to your article.
-
Patterns
5-Year difference
3-Year difference
Basic Web Application Attacks
No change
Greater
System Intrusion
Greater
Greater
Miscellaneous Errors
No change
Less
-
Pattern
Difference with peers
System Intrusion
Greater
Basic Web Application Attacks
Less
Miscellaneous Errors
Greater
-
Alright, class is back in session, put away your NSYNC Trapper Keeper and get out a number two pencil, cause you’re about to get schooled on the breaches and incidents impacting the Educational Services industries. System Intrusion, Social Engineering and DoS are the leading causes of incidents and System Intrusion, BWAA and Errors lead the way with regard to breaches. Falling along the peak of the grading curve, this industry also has Use of stolen creds and Ransomware as the top two Actions varieties, which is a very dangerous combination. The rumor is stolen creds and ransomware quit school due to recess, because they don’t play around.
-
While an erroneous number in a calculation might result in a few points off of your homework, the erroneous end user might result in a data breach. Thirty four percent of the errors found in this industry were from an email sent to the wrong people, or with the wrong attachment.
While errors may have decreased over the past three years, they’re still a relatively normal occurrence that should be taken seriously, especially considering the various troves of data schools handle, we would hate to have our poor little Bobby Tables’ data leaked.25
-
2017 Year Book
There’s nothing quite like the feeling of nostalgia that hits you when you’re looking over your old yearbook. Signatures and notes from friends long ago, ahh, the good old days. We get that same feeling when looking back at the 2017 DBIR and see Cyber-Espionage as the top breach pattern for this industry. No worries though, Espionage has not graduated and moved away yet. It shows up in 34% of incidents this year. Figure 85 captures the shifts in data and the somewhat dramatic rise of Espionage that is still all too present today. Unfortunately, unlike your opinionated high school friends on social media, you can’t just block espionage from cluttering up your feed.
-
25 https://xkcd.com/327, a classic.
Let's get started.
Choose your country to view contact details.
- Select Country...
- United States
- Argentina
- Australia
- Austria
- Belgium
- Brazil
- Canada
- Chile
- China
- Colombia
- Costa Rica
- Denmark
- Finland
- France
- Germany
- Hong Kong
- India
- Ireland
- Italy
- Japan
- Korea
- Luxembourg
- Mexico
- Netherlands
- New Zealand
- Norway
- Panama
- Portugal
- Singapore
- Spain
- Sweden
- Switzerland
- Taiwan
- United Kingdom
- United States
- Venezuela
-
Call for Sales.
Or we'll call you.
Existing customers, sign in to your business account or explore other support options.