Point of Sale related attacks no longer dominate breaches in Accommodation and Food Services. Instead, responsibility is spread relatively evenly among several attack types including malware, error and hacking via stolen credentials. Financially motivated attackers continue to target this industry for the payment card data it holds.
125 incidents, 92 with confirmed data disclosure
Crimeware, Web applications, and Point of Sale represent 61% of data breaches
External (79%), Internal (22%), Multiple (2%), Partner (1%) (breaches)
Financial (98%), Secondary (2%) (breaches)
Payment (68%), Personal (44%), Credentials (14%), Other (10%) (breaches)
Limitation and Control of Network Ports, Protocols, and Services (CSC 9), Boundary Defense (CSC 12), Data Protection (CSC 13)