According to an Expel report, identity threats accounted for 64% of all investigated incidents and increased in volume by 144% from 2022. Of those incidents, 60% were unauthorized email logins and 40% were authentications to identity platforms, like Microsoft Entra ID, Okta, Ping and Duo.

The report found that 35% of organizations experienced more than one incident (up from 24% in 2022). Organizations saw an average of eight identity-based incidents over the year, according to the report.

The report found a 72% increase in cloud infrastructure incidents, roughly consistent with 2022. Exposed credentials (or secrets) were the leading root cause of cloud infrastructure incidents (42%), according to the report. Publicly exposed or stolen credentials allow attackers to maintain persistent access to the cloud environment with the permissions tied to that identity or role.

Hospitality, technology and financial services also made the list of top industries where we identified the most high-risk malware and identity incidents.

The report found that while malware as a percentage of overall incidents decreased by 25% in 2023, the potential impact of both high-risk and latent-risk malware should not be discounted. Phishing incidents tripled from 2% in 2022 to 6% in 2023, according to the report. The percentage of authorized penetration tests and red teams investigated decreased 43%.

Find out more here.