Cyberattacks by nation states and parties affiliated with them represent 23 percent of data breaches, up from 12 percent in 2018 and 19 percent in 2017, according to the Data Breach Investigations Report (DBIR).

Other key findings include: 

  • 69 percent of data breaches examined were perpetrated by outsiders, 43 percent  involved internal actors, 39 percent were organized by criminal groups and two percent involved partners.
  • 52 percent of breaches featured hacking, 33 percent included social attacks, 28 percent involved malware, 21 percent were errors, 15 percent were misuse by authorized users and four percent of them were causes of physical attacks. 
  • 16 percent of data breaches were in the public sector, 15 percent involved healthcare organizations, 10 percent were in the financial industry and 43 percent of them involved small business victims. 

Key takeaways include: 

  • C-level executives were twelve times more likely to be the target of social incidents and nine times more likely to be the target of social breaches than in years past.
  • There’s been a corresponding increase in hacking cloud-based email servers via the use of stolen credentials.
  • Payment card web application compromises are well on their way to exceeding physical terminal compromises in payment card-related breaches. 
  • Ransomware attacks are still going strong, and account for nearly 24 percent of incidents where malware was used.
  • The number of physical terminal compromises in payment card-related breaches is decreasing when compared to web application compromises.
  • Click-through rates on phishing simulations for data partners fell from 24 percent to three percent during the past seven years. Eighteen percent of people who clicked on test phishing links did so on mobile devices.