Breaches Overview

Metric	Value
Total incidents analyzed	30,458
Confirmed data breaches	10,626
Countries affected	94

Phishing and Credential Theft

Metric	Value (seconds)
Median time to click on malicious link	21
Time to enter data after clicking	28

Financially Motivated Attacks

Metric	Value
Percentage of ransomware and extortion attacks over past 3 years	~65%
Median loss from ransomware/extortion breaches	$46,000
Range of losses for 95% of cases	$3 - $1,141,467
Percentage of BEC incidents in financially motivated attacks	25%
Median transaction amount in BEC incidents	$50,000

Breach Patterns

Pattern	Details
System Intrusion	Dominated by ransomware and exploitation of vulnerabilities
Social Engineering	Significant use of pretexting leading to BEC
Basic Web Application Attacks	Mainly involved credential theft and exploitation of vulnerabilities

Actor Types and Motives

Actor Type	Percentage
External	65%
Internal	35%

Asset Types

Asset Type	Details
Servers	Most breaches, particularly file servers affected by MOVEit
Persons	Increased involvement due to social engineering and extortion
Media	Growth tied to misdelivery errors

Attributes Compromised

Attribute	Details
Confidentiality	Personal data most commonly compromised
Integrity	Significant increase in alteration behaviors
Availability	Consistently targeted in ransomware attacks

Vulnerability Exploitation

Metric	Value (days)
Median time to remediate critical vulnerabilities	55
Median time for first scan after vulnerability publication (CISA KEV)	5
Median time for first scan after vulnerability publication (non-CISA KEV)	68