Verizon Business has released its 2025 Data Breach Investigations Report (DBIR), which reveals a significant increase in cyberattacks. The report found that third-party involvement in breaches has doubled to 30%, and exploitation of vulnerabilities has surged by 34%, creating a concerning threat landscape for businesses globally.
The report, which analyzed over 22,000 security incidents, including 12,195 confirmed data breaches, found that credential abuse (22%) and exploitation of vulnerabilities (20%) continue to be the leading initial attack vectors, highlighting the critical need for enhanced security measures.
“The DBIR’s findings underscore the importance of a multi-layered defense strategy,” said Chris Novak, Vice President, Global Cybersecurity Solutions, Verizon Business. “Businesses need to invest in robust security measures, including strong password policies, timely patching of vulnerabilities, and comprehensive security awareness training for employees.”
Key findings from the report emphasize the urgency for businesses to address cybersecurity threats:
- Exploitation of Vulnerabilities: This initial attack vector saw a 34% increase, with a significant focus on zero-day exploits targeting perimeter devices and VPNs
- Ransomware: Ransomware attacks rose by 37% since last year, and are now present in 44% of breaches, despite a noticeable decrease in the median ransom amount paid
- Third-Party Involvement: The percentage of breaches involving third parties doubled, highlighting the risks associated with supply chain and partner ecosystems
- Human Element: Human involvement in breaches remains high, with a significant overlap between social engineering and credential abuse
The 2025 DBIR also shed light on industry-specific trends, revealing an alarming rise in espionage-motivated attacks in the Manufacturing and Healthcare sectors, and persistent threats to the Education, Financial, and Retail industries. The report also highlighted the disproportionate impact of ransomware on small and medium-sized businesses (SMBs).
Verizon Business’s 2025 DBIR serves as a wake-up call for businesses to take immediate action to strengthen their cybersecurity posture and mitigate the risks posed by evolving cyber threats. With the median ransom payment to cybercriminals last year being US$115,000, this is a significant amount for many SMBs. By adopting a proactive and comprehensive approach to cybersecurity, businesses can help safeguard their assets, protect their customers, and ensure their long-term success in an increasingly digital world.
“This year’s DBIR findings reflect a mixed bag of results. Glass-half-full types can celebrate the rise in the number of victim organizations that did not pay ransoms with 64% not paying vs 50% two years ago. The glass-half empty personas will see in the DBIR that organizations that don’t have the proper IT and cybersecurity maturity – often the SMB sized organizations, are paying the price for their size with ransomware being present in 88% of breaches,” said Craig Robinson, Research Vice President, Security Services at IDC. “While there is no magic pill to swallow that will alleviate the pain of cybersecurity attacks, Verizon’s leadership in educating the public on the types of attacker motives, tactics and techniques is a key head start in raising global awareness and cyber readiness”
