-
Frequency
2,527 incidents, 690 with confirmed data disclosure
Top patterns
Basic Web Application Attacks, System Intrusion, and Miscellaneous Error represent 79% of breaches.
Threat actors
External (73%), Internal (27%) (breaches)
Actor motives
Financial (95%), Espionage (4%), Grudge (1%) (breaches)
Data compromised
Personal (71%), Credentials (40%), Other (27%), Bank (22%) (breaches)
Top IG1 protective controls
Security Awareness and Skills Training (CSC 14), Secure Configuration of Enterprise Assets and Software (CSC 4), Data Protection (CSC 3)
What is the same?
Basic Web Application Attacks and Miscellaneous Errors continue to play a large part in breaches for this vertical as they did last year.
Summary
The Financial sector continues to be victimized by financially motivated organized crime, often via the actions of Social (Phishing), Hacking (Use of stolen credentials) and Malware (Ransomware). Finally, Miscellaneous Errors, often in the form of Misdelivery, is still very common as it has been for the past three years in a row.
Financial and Insurance
NAICS 52
- 2022 DBIR
- Master Guide
- Introduction
- Summary of Findings
- Results and Analysis Intro
- Results and Analysis - Intro to Patterns
- Results and Analysis - Not the Human Element
- Results and Analysis - Basic Web Application Attacks
- Industries
- Intro to Industries
- Accommodation and Food Services Data Breaches
- Arts and Entertainment Data Breaches
- Data Breaches in Education
- Financial Services Data Security Breaches
- Healthcare Data Breaches
- Information Industry Data Breaches
- Data Breaches in Manufacturing Industries
- Data Breaches in Energy & Utilities Industries
- Professional Services Data Breaches
- Public Administration Data Breaches
- Retail Data Breaches and Security
- Small Business Data Breach Statistics
- Intro to Regions
- Wrap Up
- Appendices
- Corrections
- Download the full report (PDF)
Please provide the information below to view the online Verizon Data Breach Investigations Report.
Thank You.
Thank you.
You will soon receive an email with a link to confirm your access, or follow the link below.
Thank you.
You may now close this message and continue to your article.
-
Patterns
5-Year difference
3-Year difference
Basic Web Application Attacks
Greater
Greater
Miscellaneous Errors
Greater
Greater
System Intrusion
Greater
Greater
-
Pattern
Difference with peers
Basic Web Application Attacks
Greater
System Intrusion
Less
Miscellaneous Errors
Greater
-
In 2016 servers were involved in 50% of Financial breaches, as opposed to 90% currently. However, the specific variety of “Server – Web application” has increased from 12% to 51% over that same timeframe. Thus, accounting for Basic Web application Attacks’ position in the top three patterns. A key component of these attacks is that they usually involve the Use of stolen credentials, which is the number one Action variety in this vertical. These creds may have been obtained in any number of ways, but brute force hacking and credential stuffing are the most likely culprits. One thing is certain, stolen creds and web apps go together like peanut butter and chocolate.
‘I’ll show you mine if you show me yours’
The Error variety of “Misdelivery” (16%) is the second most common action variety in this vertical. Misdelivery is exactly what it sounds like, delivering PII or other sensitive information to the wrong recipient. One might expect to see that variety more often in Public Sector or Healthcare because, by their very nature, they send a great deal of mail. Instead, our data indicates that Misdelivery is approximately three times higher in Financial than in the other industries. We here on the DBIR team were taken aback by this finding, as it would be embarrassing if any unauthorized person were to view our checks and learn that we make countless millions for writing this report each year26.
‘Through the years…’
System Intrusion has doubled from 14% in 2016 to 30% this year. Organized crime was responsible for only 49% of breaches in 2018 vs the 79% we see in this report. Availability was affected in only 6% of breaches back in 2016, vs 14% today, and the discovery method of Actor disclosure was 5% (in 2016) as opposed to the 58% in this year’s report. We need hardly say that this is mainly due to ransomware attacks, but to be on the safe side, we will say it anyway:
Finally, we would be remiss if we did not mention that DoS attacks continue to be a huge problem and account for 58% of security incidents in this vertical. That is approximately twice as much as we see in the other industries.
-
26 If only.
Let's get started.
Choose your country to view contact details.
- Select Country...
- United States
- Argentina
- Australia
- Austria
- Belgium
- Brazil
- Canada
- Chile
- China
- Colombia
- Costa Rica
- Denmark
- Finland
- France
- Germany
- Hong Kong
- India
- Ireland
- Italy
- Japan
- Korea
- Luxembourg
- Mexico
- Netherlands
- New Zealand
- Norway
- Panama
- Portugal
- Singapore
- Spain
- Sweden
- Switzerland
- Taiwan
- United Kingdom
- United States
- Venezuela
-
Call for Sales.
Or we'll call you.
Existing customers, sign in to your business account or explore other support options.