Financially motivated organized criminals utilizing attacks against web applications have their sights set on this industry. But employee errors such as standing up large databases without controls are also a recurring problem. These, combined with social engineering in the form of phishing and pretexting attacks, are responsible for the majority of breaches in this industry.
112 incidents, 67 with confirmed data disclosure
Everything Else, Web Applications and Miscellaneous Errors represent 69% of breaches.
External (68%), Internal (32%) (breaches)
Financial (74%–98%), Espionage (1%–21%), Convenience (0%–15%) (breaches)
Personal (64%), Credentials (34%), Other (23%) (breaches)
Boundary Defense (CSC 12), Implement a Security Awareness and Training Program (CSC 17), Secure Configurations (CSC 5, CSC 11)
Data Analysis Notes
Actor motives are represented by percentage ranges, as only 26 breaches had a known motive. Some charts also do not have enough observations to have their expected value shown.