Educational Services (NAICS 61)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.



497 incidents, 238 with confirmed data disclosure

Top patterns


System Intrusion, Miscellaneous Errors and Social Engineering represent 76% of breaches

Threat actors


External (72%), Internal (29%), Multiple (1%), Partner (1%) (breaches)

Actor motives


Financial (92%), Espionage (8%), Convenience (1%), Fun (1%) (breaches)

Data compromised


Personal (56%), Credentials (40%), Other (25%), Internal (20%) (breaches)

What is the same?


System Intrusion and Miscellaneous Errors are yet again two of the top three patterns for this industry. The ratio of External and Internal actors is nearly the same as last year.



Basic Web Application Attacks dropped out of the top three to be replaced by Social Engineering. Ransomware continues to play a large role in breaches in this vertical.

Who saw that coming? 

In move that shocked faculty, staff and students alike, last year’s much lauded salutatorian, Basic Web Application Attacks, has dropped out (of the top three patterns). Miscellaneous Errors is still present (isn’t it always?) and has increased slightly from last year. As you may have guessed, these errors are the usual suspects: Misdelivery, Publishing errors and Misconfiguration. 

Social Engineering clawed its way to the number three position, increasing from 14% last year to 21% in 2023 (Figure 52). This rise is primarily represented by Phishing attacks, which showed up in 18% of breaches, and Pretexting scenarios (4%).

Hacking was present in 40% of breaches, with use of stolen credentials appearing in 31% of them. Not to be outdone, malware also showed up in 40% of breaches, with Ransomware present in 30% of those breaches. Let’s review that finding for the exam: Ransomware was responsible for almost one-third of all breaches in the Educational Services vertical. In spite of this impressive showing from both Hacking and Malware, the System Intrusion pattern, while maintaining its number one spot, decreased slightly from last year.

2023 Data Breach Investigations Report

Let's get started.