(TLP:CLEAR) Verizon’s 2025 Data Breach Investigations Report (DBIR)

TLP:CLEAR
Created: Thursday, April 24, 2025 - 14:49
Categories:
Cybersecurity, Security Preparedness

Summary: Verizon released the 18th edition of one of the most sought-after annual reports – the Data Breach Investigations Report (DBIR) – which catalogs and analyzes the past year’s trends in cyber crime and provides a comprehensive view of the global threat landscape. This year’s 100-page report covers cyber incidents and data breaches between November 1, 2023, and October 31, 2024, and includes 12,195 confirmed data breaches and 22,052 total incidents in its data set.

Analyst Note: This year’s DBIR includes several significant findings on potential threats and attack vectors, with insights into ransomware, business email compromise (BEC), various critical infrastructure sectors, and Generative AI usage. Some significant findings include:

  • Ransomware, with or without encryption, saw 37% growth from last year’s report and was present in 44% of all breaches in the data set. However, the median amount paid to ransomware groups decreased to $115,000 (from $150,000 last year). Ransomware is also disproportionately affecting small organizations; these SMBs are similar in size and security maturity to small rural water utilities.
  • About 88% of the breaches involved the use of stolen credentials, which sometimes serves as both the first and only action and at other times is just one step in a larger attack chain.
  • The most common attack vector continues to be credential abuse (34%), although vulnerability exploitation as an initial access vector saw another year of growth, reaching 20%.
  • 15% of employees were routinely accessing GenAI systems on their corporate devices, at least once every 15 days, and a large number of those were either using non-corporate emails as their account identifier or were using their corporate emails without integrated authentication in place. This suggests significant use of GenAI outside of corporate policy.

Members are encouraged to review this seminal report and share the findings and insights within their organization to strengthen cybersecurity posture and ensure everyone is aware of potential threats and attack vectors. The DBIR also makes a great resource for security awareness and education training topics.

Original Source: https://www.verizon.com/business/resources/reports/dbir/

Related WaterISAC PIRs: 6, 7, 8, 10, 11, 12