Third-party data breaches against energy organizations were analyzed in a recent report by SecurityScorecard. The report found that 90% of the world’s leading energy companies experienced a third-party data breach in the past 12 months. One hundred percent of the top 10 U.S. energy companies experienced a third-party breach.

Ninety-two percent of the energy companies evaluated have been exposed to a fourth-party breach, and 33% of energy companies had a C Security Rating or below. MOVEit was the most prevalent third-party vulnerability in the last six months, with hundreds of companies impacted around the world.

Four percent of third-party vendors had experienced breaches themselves. Research found that 98% of organizations use at least one third-party vendor that has experienced a breach in the last two years.

Read the full report here.