1-877-297-7816
Contact Sales

Information (NAICS 51)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

Submit View only

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

Frequency

  

2,110 incidents, 384 with confirmed data disclosure

Top patterns

  

System Intrusion, Basic Web Application Attacks and Social Engineering represent 77% of breaches

Threat actors

  

External (81%), Internal (20%), Multiple (2%), Partner (1%) (breaches)

Actor motives

  

Financial (92%), Espionage (8%) (breaches)

Data compromised

  

Personal (51%), Credentials (37%), Other (35%), Internal (19%) (breaches)

What is the same?

  

System Intrusion remains the top pattern in this vertical, and it is still dominated by Financially motivated external actors.

Summary

  

Miscellaneous Errors continues the downward trend it has exhibited for the last several years and loses its position in the top three to Social Engineering. Denial of Service attacks account for 70% of incidents in NAICS 51.

Make no mistake, information is power.

Over the last few years, errors have played a diminishing role in breaches within the Information vertical. That downward trend continues this year, so much so that it has fallen to number four and accounts for only 13% of breaches. (Figure 53) Good on ya, Information folks! Securing your assets from the bad guys is hard enough without unwittingly exposing assets yourself. 

Social Engineering, on the other hand, has slowly crept up and captured the number three position with 20% of breaches. Unlike some industries where we see a much higher degree of phishing than we do of its more complicated cousin, pretexting. In the Information vertical, however, the two social actions are not far apart, with phishing at 15% and pretexting at 11%. As mentioned elsewhere in this report, Pretexting is definitely on the rise.

Please listen closely, as our options have NOT changed.

As always, External actors (the vast majority of which are organized crime) are behind most attacks in this vertical. In fact, last year, we showed only External and Internal actors. This year we did see an increase (albeit very small) in the categories of Partner and multiple actors at 1% each. Granted, those are not big numbers, but it is of interest to see them reappearing in this industry for the first time in a couple of years. As one would expect, the vast majority of attacks, regardless of who was committing them, were Financially motivated. The motive of Espionage was still present at 8% of breaches but is significantly lower than last year’s 20%. The most likely reason for the change is the move away from web apps and servers and toward spy balloons and remote viewing.

2023 Data Breach Investigations Report

Let's get started.