Public Administration (NAICS 92)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

Frequency

 

12,217 incidents, 1,085 with confirmed data disclosure

Top patterns

 

Miscellaneous Errors, System Intrusion and Social Engineering represent 78% of breaches

Threat actors

 

Internal (59%), External (41%) (breaches)

Actor motives

 

Financial (71%), Espionage (29%) (breaches)

Data compromised

 

Personal (72%), Internal (37%), Other (31%), Credentials (17%) (breaches)

What is the same?

 

System Intrusion and Social Engineering remain top attack patterns in this sector.


Summary

Miscellaneous Errors, particularly Misdelivery, have surged to the top spot in this industry, reflecting the commonality of mistakes leading to breaches. System Intrusion now ranks second, followed by Social Engineering. The predominance of internal actors underscores the potential consequences of employee carelessness, with Errors accounting for the majority of breaches.

Owning up to your mistakes in public

Due to some of our new data contributors reporting on mandatory breach disclosures, there was an ascendency of the Miscellaneous Errors attack pattern to the top spot in this industry (Figure 70).96 The most common error in Public Administration was Misdelivery, where information (in whatever form) is delivered to the wrong recipient. While this happens frequently via email, it is also quite common with printed documents and, strangely, faxes. The Lost and Stolen Assets pattern (in second place last year) is no longer among the top three in spite of a rather impressive showing by Loss.

Actions speak louder than campaign promises.

Just as we see in the other verticals, System Intrusion and Social Engineering incidents remain commonplace and account for the next two patterns in this industry, respectively. While hacking only appeared in 31% of Public Sector breaches, it is clear that threat actors are still voting for the Use of stolen creds, which were involved in 83% of hacking-related breaches, mostly against web applications.

Data Breach Investigation Report figure 70

Malware figured in 27% of Public Sector breaches this year. Not unlike many other verticals, Ransomware was top of the heap with regard to malware varieties and accounted for 61% of malware-related breaches. Backdoors appeared in 38% of breaches involving malware, after which we saw a tight pack of several varieties jockeying for the third-place spot as illustrated in Figure 71.

The Social Engineering attacks we saw in Public Administration were mostly garden-variety Phishing (66% of breaches) and Pretexting (23%) attacks. No less concerning, but not really noteworthy in relation to the other findings.

Data Breach Investigation Report figure 71

Actors behaving badly

The fact that Internal actors are the top threat this year underlines the fact that even the most well-meaning employees can trigger a data breach simply by being careless. For all actors, Error actions accounted for 51% of the cases, while malicious internal actors only accounted for 8%. Figure 72 is an illustration of how the road to breaches is paved with good intentions.

If we set aside the error-related breaches and the End-users who cause them, the most common external actors in this vertical were Organized crime (largely Ransomware attacks) at 67% and State-affiliated actors (29%) (Figure 73).  And while we saw very little change in Espionage threat actors, we did see a slight uptick in financially motivated attacks.

Data Breach Investigation Report figure 72
Data Breach Investigation Report figure 73

96 We discuss in the “Results and analysis – Actors” section how mandatory breach reporting helps everyone understand the truer prevalence of breach causes.

Let’s
connect

Call Sales
877-297-7816

Have us contact you
Request a call

Call for Public Sector
844-825-8389