全球范围数据中断情况分析报告-培训课件外文版2024.4

DIGITAL

&

TRENDSDatabreachesworldwideCHAPTER

01DatabreachesMostsignificantcasesofdatabreachworldwideasofAugust2023(inmillions),bynumberofcompromiseddatarecordsandindividualsimpactedAll-timebiggestonlinedatabreaches2023Number

ofimpacted

users

and

breached

recordsCam4DataBreach(Mar2020)10.88bnrecords3bnacounts1.1bnpeople1.1bnusersYahooDataBreach(2017)*AadhaarDataBreach(Mar2018)AlibabaDataBreach(Jul2022)FirstAmericanFinancialCorporationDataBreach(May2019)Verifications.ioDataBreach(Feb2019)LinkedInDataBreach(Jun2021)885musers763musers700musersFacebookDataBreach(Apr2019)YahooDataBreach(2014)533musers500maccounts500mguests412.2maccounts360maccounts340mpeopleSatwood(Marriott)DataBreach(Nov2018)AdultFreindFinderDataBreach(Oct2016)MySpaceDataBreach(Jun2013)ExactisDataBreach(Jun2018)4Description:ThelargestreporteddataleakageasofAugust2023wastheCam4databreachinMarch2020,whichexposedmorethan10billiondatarecords.Thesecond-largestdatabreachinhistorysofar,theYahoodatabreach,occurredin2013.Thecompanyinitiallyreportedaboutonebillionexposeddatarecords,butafteraninvestigation,thecompanyupdatedthenumber,revealingthatthreebillionaccountswereaffected.ThenextsignificantdataleakagewastheMarch2018security[...]ReadmoreNote(s):Worldwide;August2023;basedonnumberofrecordslost;*YahooDataBreachhappenedin2013butonlydisclosedin2017.Thenumberofrecordsstolenwasoriginallythoughttobemuchsmaller.Yahoorevealedtherealnumbersin[...]

ReadmoreSource(s):UpGuardNumberofdatarecordsexposedworldwidefrom1stquarter2020to1stquarter2023(inmillions)GlobalnumberofbreacheddatasetsQ12020-Q12023140125.7412010095.5879.528068.99604020019.4219.3314.114.7810.0910.456.415.543.33Q12020Q22020Q32020Q42020Q12021Q22021Q32021Q42021Q12022Q22022Q32022Q42022Q120235Description:Duringthefirstquarterof2023,morethansixmilliondatarecordswereexposedworldwidethroughdatabreaches.Sincethefirstquarterof2020,thehighestnumberofexposeddatarecordswasdetectedinthefourthquarterof2020,nearly125milliondatasets.ReadmoreNote(s):Worldwide;Q12020toQ12023;Basedonthesourcecharacteristics,widerindustrymetricsmayvary.Source(s):SurfSharkNumberofaccountsexposedinonlinedatabreachesworldwidein2021and2022,bymarketNumberofbreachedaccountsworldwide2021-2022,bymarket2022104822978340323722354582120144766147415548716166473903935575803381898321728430842712892967253081120213602216623444865209798452256809273993321RussiaChinaUnitedStatesFranceIndonesiaBrazil3295026178625340127565109645779IndiaGermanyAustraliaTurkey6263607Spain119594319691014TaiwanSouthKorea133526266Description:In2022,around104.8millionaccountsbreachedwereoriginatingfromRussia,makingitthecountrywiththemostsignificantnumberofaccountexposuresintheexaminedyear.Chinarankedsecond,withover34millionaccountsbreached,whiletheUnitedStatesfollowed,beinghometo23.5millionbreachedaccounts.Thisindicatedadeclinefrom2021whenthenumberofbreachedaccountswasapproximately209.8million.ReadmoreNote(s):Worldwide;2021and2022;basedonthesourcecharacteristics;widerindustrymetricsmayvarySource(s):SurfSharkShareoforganizationsworldwidethathaveexperiencedalossofsensitiveinformationasofFebruary2023,bycountryGlobalfirmsexperiencingmateriallossofsensitiveinformation2023,bycountryShareofrespondents0%10%20%30%40%50%60%70%80%90%100%SwedenGermanyUnitedStatesJapan87%85%76%75%74%74%UnitedKingdomFranceAustraliaSaudiArabiaWorldwideSpain69%65%63%58%58%BrazilSingaporeItaly55%54%7Description:Accordingtoa2023surveyofChiefInformationSecurityOfficers(CISO)worldwide,nearlynineintenrespondentsinSwedensaidtheirorganizationhadencounteredalossofsensitiveinformationinthepast12months.Germanyrankedsecond,as85percentoftheCISOsstatedthesame.Overall,around63percentoforganizationsacrosstheresearchedmarketssaidtheyhaddealtwithmateriallossofsensitiveinformationinthepreviousyear.

ReadmoreNote(s):Worldwide;

January30andFebruary7,2023;1,400respondents;ChiefInformationSecurityOfficers(CISO);encounteredlossofsensitiveinformationinthepast12monthsSource(s):Censuswide;ProofpointMeantimetoidentifyandcontaindatabreachesworldwidefrom2017to2023(indays)Globalmeantimetoidentifyandcontaindatabreaches2017-2023MeantimetoidentifyMeantimetocontain2122502001501005020620720720419719175737373697066020172018201920202021202220238Description:Asof2023,themeannumberofdaystoidentifythedatabreacheswas204days,slightlylessthaninpreviousyears.Themeantimecompaniesneededtocontainthebreachesin2023was73days.Incomparison,in2022,ittookorganizations207daystoidentifyand70daystoaddressthedatabreaches.ReadmoreNote(s):Worldwide;2017to2023Source(s):IBM;PonemonInstituteMostcommoncausesofsensitiveinformationlossinworldwideorganizationsasofFebruary2023Causesofsensitiveinformationlossinglobalbusinesses2023Shareofrespondents0%

5%10%15%20%25%30%35%40%OSvulnerabilityonendpoint/server/device/otherExternalattack(cybercriminal)36%35%Systemmisconfiguration35%Negligentinsider/employeecarelessness(Anemployeethatunknowinglymisusesdata)34%Maliciousorcriminalinsider(Anemployeethatmisusesdataforthepurposeofharmingtheorganizationintentionally)33%Credentialtheft31%Lost/stolendevices28%9Description:Accordingtoa2023surveyofChiefInformationSecurityOfficers(CISO)worldwide,36percentofthesensitivedatalossatorganizationshappenedbecauseofoperationsecurityvulnerabilitiesonendpoints,servers,ordevices.Afurther35percentoftherespondentssaidexternalattacksandsystemmisconfigurationcauseddataloss.ReadmoreNote(s):Worldwide;

January30andFebruary7,2023;1,400respondents;ChiefInformationSecurityOfficers(CISO);encounteredlossofsensitiveinformationinthepast12monthsSource(s):Censuswide;ProofpointMostcommonconsequencesofsensitiveinformationlossincidentsinworldwideorganizationsasofFebruary2023Globalrepercussionsofsensitiveinformationlossincidents2023Shareofrespondents0%5%10%15%20%25%30%35%40%38%Post-attackrecoverycosts(operationaldowntime,datarecovery,legal,etc.)FinanciallossRegulatorysanctions(finesormarketloss/sanctions)Lossofcriticaldata33%33%31%31%31%31%CredentialtheftLossofcustomersReputationaldamage10Description:Accordingtoa2023surveyofChiefInformationSecurityOfficers(CISO)worldwide,38percentoftheincidentsofsensitivedatalossatorganizationscausedpost-attackrecoverycosts.Roughly33percentexperiencedfinanciallossesandregulatorysanctions,suchasfinesormarketloss.Amongotherrepercussionsofsuchincidentswerereputationaldamage,credentialtheft,andlossofcriticaldata.ReadmoreNote(s):Worldwide;

January30andFebruary7,2023;1,400respondents;ChiefInformationSecurityOfficers(CISO);encounteredlossofsensitiveinformationinthepast12monthsSource(s):Censuswide;ProofpointLargestdataprivacyviolationfines,penalties,settlementsworldwideasofSeptember2023(inmillionU.S.dollars)Globalbiggestdatabreachfines,penalties,andsettlementsworldwide2023FineinmillionU.S.dollars200

40006005758001,0001,2001,1901,400DidiGlobal(2022fine)Amazon(2021fine)877Equifax(2019finefollowing2017breach)Instagram(2022fine)403370350TikTok(2023fine)T-mobile(2022finefollowing2021breach)Meta(2022fine)277255WhatsApp(2021fine)HomeDepot(2016to2020finefollowing2014breach)CapitalOne(2021finefollowing2019breach)Uber(2018finefollowing2016breach)MorganStanley(2022finefollowing2016and2019breaches)GoogleIreland(2022fine)20019014812010211Description:AsofSeptember2023,themostsignificantdataprivacyviolationfineworldwidewastheChinesevehicle-for-hirecompanyDidiGlobal.InJuly2022,China'sdataprivacyregulatorfinedthecompany8.026billionChineseyuanor1.19billionU.S.dollars.The2021AmazonfineissuedbyLuxembourg'sdataprivacyregulationauthoritieswas877millionU.S.dollarsandwasthesecond-biggestdatabreachfineasofthemeasuredmonth.Priorto2021,thelargestfineforadatabreachwasthe[...]

ReadmoreNote(s):Worldwide;September2023Source(s):CSOOnlineCHAPTER

02DatabreachdensityNumberofbreacheduseraccountsperthousandindividualsworldwideasof2ndquarter2023,bymarketDatabreachdensityworldwideQ22023,bymarketNumberofbreacheddatapointsperthousandindividuals020406080100120140160UnitedStatesRussia147106Spain7878FinlandAustraliaSwedenFrance727053SouthSudanTurkey3532Denmark2913Description:Asofthesecondquarterof2023,theUnitedStateswasthemarketwiththehighestdatabreachdensityintheworld.Asoftheexaminedquarter,thenumberofdatapointsbreachedperthousandindividualsinthecountrywas147.Russiarankedsecond,with106breachedaccountsperthousandpeople,followedbySpain,with78breacheddatapoints.ReadmoreNote(s):Worldwide;Q22023;numberofbreacheddatasetsperthousandindividuals,includingdataonlyforcountrieswithapopulationofoveronemillionpeopleSource(s):SurfSharkNumberofbreacheduseraccountsperthousandindividualsworldwidefrom1stquarter2023to2ndquarter2023,byregionQuarterlydatabreachdensityworldwide2023,byregionNumberofbreacheddatapointsperthousandindividualsQ22023Q1202360020403880100120EuropeAsia241285NorthAmericaSouthAmericaAfrica9421153Oceania691AntarcticaGlobal10414514Description:Betweenthefirstandthesecondquartersof2023,thedatabreachdensityworldwideincreasednearlythreetimes.ThemostsignificantchangewasseeninNorthAmerica.Inthefirstquarterof2023,nineuseraccountsperthousandpeopleintheregionwerebreached,comparedto85breachedaccountsinthesecondquarterof2023.ReadmoreNote(s):Worldwide;Q12023toQ22023;numberofbreacheddatasetsperthousandindividuals,includingdataonlyforcountrieswithapopulationofoveronemillionpeopleSource(s):SurfSharkNumberofbreacheduseraccountsperthousandindividualsintheUnitedStatesfrom3rdquarter2022to2ndquarter2023DatabreachdensityintheU.S.Q32022-Q22023160140120100801476040262016200Q32022Q42022Q12023Q2202315Description:DatabreachdensityintheUnitedStateshassignificantlyincreasedbetweenthethirdquarterof2022andthesecondquarterof2023.Inthethirdquarterof2022,thenumberofexposeddatapointsperthousandindividualsinthecountrywas26,whileitwentupto147inthesecondquarterof2023.ReadmoreNote(s):UnitedStates;Q32022toQ22023;numberofbreacheddatasetsperthousandindividualsSource(s):SurfSharkNumberofbreacheduseraccountsperthousandindividualsinRussiafrom3rdquarter2022to2ndquarter2023DatabreachdensityinRussiaQ32022-Q220231801601401201008015310660473640200Q32022Q42022Q12023Q2202316Description:DatabreachdensityinRussiahasdramaticallyfluctuatedbetweenthethirdquarterof2022andthesecondquarterof2023.Inthethirdquarterof2022,thenumberofexposeddatapointsperthousandindividualsinthecountrywas153,whileitdecreasedto36inthenextquarter.Inthesecondquarterof2023,thebreachdensityinRussiareached106.ReadmoreNote(s):Russia;Q32022toQ22023;numberofbreacheddatasetsperthousandindividualsSource(s):SurfSharkNumberofbreacheduseraccountsperthousandindividualsinSpainfrom3rdquarter2022to2ndquarter2023DatabreachdensityinSpainQ32022-Q22023908478807060504030201006612Q32022Q42022Q12023Q2202317Description:DatabreachdensityinSpainhasfluctuatedbetweenthethirdquarterof2022andthesecondquarterof2023.Inthethirdquarterof2022,thenumberofexposeddatapointsperthousandindividualsinthecountrywas84,whileitdecreasedto12inthenextquarter.Inthesecondquarterof2023,thebreachdensityinSpainreached78.ReadmoreNote(s):Spain;Q32022toQ22023;numberofbreacheddatasetsperthousandindividualsSource(s):SurfSharkNumberofbreacheduseraccountsperthousandindividualsinFrancefrom3rdquarter2022to2ndquarter2023DatabreachdensityinFranceQ32022-Q22023250212200150100505348130Q32022Q42022Q12023Q2202318Description:Betweenthethirdquarterof2022andthesecondquarterof2023,France'sdatabreachdensityhassignificantlydecreased.Inthethirdquarterof2022,thenumberofexposeddatapointsperthousandindividualsinthecountryreached212,whileitwentdownto53inthesecondquarterof2023.ReadmoreNote(s):France;Q32022toQ22023;numberofbreacheddatasetsperthousandindividualsSource(s):SurfSharkCHAPTER

03CostofadatabreachAveragecostofadatabreachworldwidefromMarch2022toMarch2023,bycountryorregion(inmillionU.S.dollars)Averagetotalcostperdatabreachworldwide2023,bycountryorregionCostinmillionU.S.dollars012345678910UnitedStatesMiddleEastCanada9.488.075.13Germany4.674.524.45JapanGlobalaverageUnitedKingdomFrance4.214.083.863.693.48ItalyLatinAmericaSouthKoreaASEAN3.05SouthAfrica2.7920Description:Asof2023,theUnitedStatesrankedfirstbytheaveragecostofadatabreach,9.48millionU.S.dollars.TheaveragecostofdatabreachesintheMiddleEastis8.07millionU.S.dollars.Canadafollowedintheranking,with5.13millionU.S.dollars.Inthemeasuredperiod,theglobalaveragedatabreachcostwas4.45millionU.S.dollars.ReadmoreNote(s):Worldwide;March2022toMarch2023Source(s):IBM;PonemonInstituteAveragecostofadatabreachworldwidefromMay2020toMarch2023,byindustry(inmillionU.S.dollars)Averagetotalcostperdatabreachworldwide2020-2023,byindustryMay

2020

-

Mar

2021Mar

2021

-

Mar

2022Mar

2022

-Mar

2023Healthcare9.235.725.044.884.654.654.244.243.610.15.975.014.974.724.710.935.9FinancialPharmaceuticalsTechnologyEnergy4.824.664.784.474.734.453.633.653.8ProfessionalservicesIndustrial4.474.353.883.863.863.833.62GlobalaverageResearchEducation3.793.7ConsumerEntertainmentCommunications3.83.623.93.6221Description:BetweenMarch2022andMarch2023,thehighestaveragecostofadatabreach,nearly11millionU.S.dollars,wasdetectedinthehealthcareindustry.Thefinancialsectorrankedsecond,with5.9millionU.S.dollarsonaverageperbreach.Theglobalaveragedatabreachcostinthemeasuredperiodwas4.45millionU.S.dollars.Databreachesinthepublicsectorcostrelativelylow,anaverageof2.6millionU.S.dollarsduringthemeasuredperiod.

ReadmoreNote(s):Worldwide;May2020toMarch2023Source(s):IBM;PonemonInstituteCostperleakedrecordindatabreachesworldwidefrom2014to2023(inU.S.dollars)Globalcostperbreacheddatarecord2014-2023180165164161158154160140120100801501481461451416040200201420152016201720182019202020212022202322Description:Asof2023,thecostperstolenrecordindatabreachesworldwideamountedto165U.S.dollars,upfrom164dollarsinthepreviousyear.Theaveragecostofadatabreachworldwidewas4.45millionU.S.dollars.

ReadmoreNote(s):Worldwide;2014to2023Source(s):IBM;PonemonInstituteAveragetotalcostofadatabreachinindustrialsectorworldwidefrom2019to2023(inmillionU.S.dollars)Globalaveragecostperindustrialdatabreach2019-202365.24.995432104.734.474.242019202020212022202323Description:In2023,theaveragecostofadatabreachintheindustrialsectorworldwidewas4.73millionU.S.dollars,upfrom4.47millionU.S.dollarsin2022.In2019,theaveragecostofanindustrialdatabreachreacheditspeakwithanaverageof5.2millionU.S.dollars.Incomparison,theglobalaveragecostofadatabreachacrossallstudiedindustrieswas4.45millionU.S.dollars.ReadmoreNote(s):Worldwide;2019to2023Source(s):IBM;PonemonInstituteAveragetotalcostofadatabreachinfinancialindustryworldwidefrom2019to2023(inmillionU.S.dollars)Globalcostperdatabreachonaverageinfinancialindustry2019-202375.975.95.865.8565432105.722019202020212022202324/statistics/1324063/cost-of-data-breaches-in-financial-industry-worldwideAsof2023,theaveragecostofadatabreachinthefinancialindustryworldwidewas5.9millionU.S.dollars,downfrom5.97U.S.dollarsin2022.Theglobalaveragecostofadatabreachacrossallstudiedindustrieswas4.45millionU.S.dollars.

ReadmoreNote(s):Worldwide;2019to2023Source(s):IBM;PonemonInstituteCostofadatabreachworldwidein2023,byinitialattackvector(inmillionU.S.dollars)Globalcostperrecordofadatabreach2023,byinitialattackvectorCostinmillionU.S.dollars1.5

2.00.00.51.02.53.03.54.04.55.04.95.5MaliciousinsiderPhishing4.764.674.624.554.464.45Businesse-mailcompromiseStolenorcompromisedcredentialsSocialengineeringAccidentaldatalossorlostorstolendeviceUnknown(zero-day)vulnerabilityPhysicalsecuritycompromiseCloudmisconfiguration4.143.96Systemerror25Description:In2023,thedatabreachescausedbyamaliciousinsiderwerethemostexpensive,amountingto4.9millionU.S.dollarsperdatabreach.Databreachescausedbyphishingattacksof4.76millionU.S.dollarsperdatabreach.Adatabreachinitiatedbybusinesse-mailcompromiseattackscost4.67millionU.S.dollarsintheexaminedperiod.ReadmoreNote(s):Worldwide;2023;multipleresponseswerepermittedSource(s):IBM;PonemonInstituteCostdistributionofdatabreachworldwidefrom2018to2023,bymaincostsegments(inmillionU.S.dollars)Globalcostdistributionofdatabreach2018-2023,bymaincostsegmentsLostbusinesscostDetectionandescalationPost-breachresponseNotification5.04.54.03.53.02.52.01.51.00.50.00.371.20.311.180.271.140.211.070.161.020.240.991.241.441.231.111.581.221.591.521.451.421.421.320182019202020212022202326Description:Asof2023,theaveragecostofadatabreachworldwidewasabout4.45millionU.S.dollars.Ofthistotal,1.58millionU.S.dollarswerethecostsfordetectionandescalation,1.3millionU.S.dollarswerethecostsoflostbusiness,and1.2millionU.S.dollarswerepost-breachresponsecosts.ReadmoreNote(s):Worldwide;2018to2023Source(s):IBM;PonemonInstituteCHAPTER

04CommontypesofcompromiseddataTypeofdatacompromisedinworldwidedatabreachesfrom2021to2023Globaltypeofdatacompromised2021-202320212022202360%50%40%30%20%10%0%52%47%44%40%34%34%33%31%28%27%26%26%21%15%12%CustomerPIIEmployeePIIIntellectualpropertyAnonymizedcustomerdata(non-PII)Othercorporatedata28Description:Customers'personalidentifiableinformationwasthemostcommontypeofdatacompromisedinworldwidedatabreaches.Morethan50percentofcompromisedrecordsfellintothiscategoryin2023.Thesecond-mostbreachedkindofdatawasemployeepersonalidentifiableinformation,witharound40percentofallbreachedrecordsinthesameyear.ReadmoreNote(s):Worldwide;2021to2023;multipleresponseswerepermittedSource(s):IBM;PonemonInstituteMostfrequentlycompromisedtypeofdataworldwidefromNovember2021toOctober2022,byattackpatternGlobalcommonlybreachedtypeofdata2021-2022,byattackpatternOther42%27%19%10%21%18%Personal34%SystemInternal24%28%41%%CredentialMedical%Bank%PaymentSystemintrusion31%%%76%86%%%%Socialengineering26%%%BasicwebapplicationattacksMiscellaneouserrorsLostandstolenassetsPrivilegemisuse72%%%%%89%%19%30%34%10%13%12%%87%%%%%73%%%%12%29Description:BetweenNovember2021andOctober2022,87percentofcompromisedinformationthroughlostandstolenassetswaspersonaldata.Furthermore,34percentofdatacompromisedduetoprivilegemisusewasmedicalinformation,while12percentwaspaymentinformation.ReadmoreNote(s):Worldwide;November2021toOctober2022;basedonVERIScharactersitics;widerindustrymetricsmayvarySource(s):VerizonMostcommontypeofcompromiseddataworldwidefromNovember2021toOctober2022,byindustryGlobalcommontypeofbreacheddata2021-2022,byindustryPaymentCredentials38%Personal34%56%74%67%51%60%50%57%38%23%Other26%25%30%17%35%37%26%25%35%32%Internal%Bank%MedicalAccommodationandfoodservicesEducationalservicesFinancialandinsuranceHealthcare41%%%%40%20%%%%38%21%%%%36%%54%%Information%37%19%18%33%16%32%%%Manufacturing%38%%%Miningandutilities*Professional**%24%%%%53%%%PublicadministrationRetail%33%%%37%35%%%30Description:BetweenNovember2021andOctober2022,67percentofcompromisedinformationinthehealthcareindustrywaspersonaldata.Furthermore,60percentofdatacompromisedinthemanufacturingindustrywaspersonalinformation,while38percentwerecompromisedcredentials.ReadmoreNote(s):Worldwide;November2021toOctober2022;basedonVERIScharactersitics;widerindustrymetricsmayvary;*Mining,Quarrying,andOil&GasExtraction+Utilities,**Professional,ScientificandTechnicalServices.Accordingtothe[...]

ReadmoreSource(s):VerizonMostcommontypeofcompromiseddataworldwidefromNovember2021toOctober2022,byorganizationsizeGlobalcommontypeofbreacheddata2021-2022,byorganizationsizeCredentialsInternal37%Other22%System11%SmallandmediumbusinessesLargebusinesses54%37%41%30%22%31Description:BetweenNovember2021andOctober2022,67percentofcompromisedinformationinsmallandmedium-sizedbusinesseswerecompromisedcredentials.Furthermore,over40percentofdatacompromisedinlargebusinesseswasinternalinformation,while22percentwassystemdata.ReadmoreNote(s):Worldwide;November2021toOctober2022;basedonVERIScharactersitics;widerindustrymetricsmayvarySource(s):VerizonMostcommontypeofcompromiseddataworldwidefromNovember2021toOctober2022,byregionGlobalcommonlytypeofbreacheddata2021-2022,byregionInternalSecrets42%%Other33%15%19%24%Credentials29%System%ClassifiedPersonalAsiaPacific(APAC)56%37%32%50%%%%%Europe,MiddleEastandAfrica(EMEA)LatinAmericaandtheCaribbean(LAC)NorthernAmerica53%35%55%%%23%23%%%%67%38%32Description:BetweenNovember2021andOctober2022,56percentofcompromiseddataincompaniesintheAsiaPacificregionwasinternalinformation.Additionally,almost70percentofbreacheddatainNorthernAmericawascredentialinformation.Systemdatacomprised55percentofcompromisedinformationintheLatinAmericanandCaribbeanregion.ReadmoreNote(s):Worldwide;November2021toOctober2022;basedonVERIScharactersitics;widerindustrymetricsmayvarySource(s):VerizonCHAPTER

05ImpactedindustriesGlobalnumberofdatabreacheswithconfirmeddatalossfromNovember2021toOctober2022,bytargetindustryandorganizationsizeDatabreachesworldwide2021-2022,bytargetindustryandorganizationsizeTotal519968Small3764Large2231Unknown460063TotalAccommodationAdministrativeAgricultureConstructionEducation32811313330306641612389328103823231820282EntertainmentFinance1477433380918151904213953388HealthcareInformationManagementManufacturingMining259131821502261134Description:BetweenNovember2021andOctober2022,5199organizationsworldwideexperienceddatabreachesthatincludedconfirmeddataloss.Amongselectedindustries,firmsinthepublicadministrationsectorsawthehighestnumberofdataviolations.Regardingorganizationsize,smalleroneswerevictimizedbydatabreachesmorethanlargecompanies.ReadmoreNote(s):Worldwide;November2021toOctober2022;dataisbasedonVERISreporting;widerindustrymetricsmayvarySource(s):VerizonGlobalnumberofdatabreachincidentsfromNovember2021toOctober2022,byindustryandattackpatternNumberofdatabreachesworldwide2021-20222,byindustryandattackpatternAccommodationAdministrationConstructionEducatBasicwebapplicationattacksDenialofservice18621OtherLostandstolenassetsMiscellaneouserrorsPrivilegemisuse145222281SocialengineeringSystemintrusion182782435Description:BetweenNovember2021andOctober2022,thepublicadministrationsectorsaw300databreachcasescausedbysystemintrusion.Basicwebapplicationattacksresultedin213databreachesinthefinancialindustry.Socialengineeringattackscaused110databreachesintheminingandutilitiessector.ReadmoreNote(s):Worldwide;November1,2021toOctober31,2022;excludingincidentsandbreachesaffectingindividualsthatcannotbetiedtoanorganizationalattributelossSource(s):VerizonWorldwidenumberofdatabreachincidentscausedbyhackingfromNovember2021toOctober2022,byindustryGlobaldatabreachescausedbyhacking2021-2022,byindustryNumberofdatabreaches050100150200250300FinancePublicadministrationProfessional251248227Information201Healthcare175ManufacturingEducation12395Retail88OtherservicesEntertainmentTransportationAccommodationRealestate585046313136Description:BetweenNovember2021andOctober2022,organizationsinthefinancialindustryworldwidesawaround250instancesofdatabreachescausedbyhacking.Publicadministrationrankedsecond,with248databreachcasesinthemeasuredperiod.Furthermore,hackingcaused227databreachincidentsintheprofessiona