Scary Stats from Data Breaches in 2021

Jan 25, 2022

2021 has been a record-breaking year for data – and not in a good way.

Data breach costs in 2021 were the highest in the 17-year history of the authoritative Ponemon Institute report, rising by $1.4 million. This increase is estimated to be partially due to lessened security from the higher number of remote workers in response to COVID-19.

Looking at the numbers from 2021 can help businesses start the new year prepared by knowing which industries are the most vulnerable and which modes of attack are the most common.

Top 4 Initial Attack Vectors

Data breaches and attacks tend to have familiar patterns. Here are the four most frequent offenders of 2021:

1. Compromised Credentials

Compromised passwords and usernames took the lead at 20% of data breaches and an average cost of $4.37 million. The leading cause of compromised credentials is the use of the same passwords and usernames across multiple accounts and devices.

2. Phishing

Phishing attacks were the second most frequent source of data breaches in 2021. Phishing accounted for 17% of attacks, with the second-highest average cost of $4.56 million. When employees are undereducated in security awareness, phishing attempts are more likely to succeed.

3. Cloud Misconfiguration

Cloud misconfiguration rang in as 2021’s number three source of data attacks, but on average, it had one of the lowest costs per incident, falling at an estimated $3.86 million. As with phishing, employees not being fully educated on cloud security is the leading reason for a successful attack.

4. Vulnerabilities in Third-Party Software

The fourth most frequent attack came from vulnerabilities in third-party software, with 14% of attacks coming from this vector. Having a risk-mitigation strategy in place is the best way for companies to avoid a data breach while using third-party software.

The Most Expensive Data Attacks

The most expensive type of initial vector attack in 2021 was compromised business emails. Although this attack vector-only accounted for 4% of attacks, it had by far the highest cost, averaging $5.01 million per breach. Once again, insufficient employee training is often the leading cause of vulnerability.

Data Breach by Industry

Here are 2021’s top five industries that suffered data breaches, in order of cost:

  • Healthcare
  • Finance
  • Pharmaceuticals
  • Technology
  • Energy

For the eleventh year in a row, healthcare was the leading industry targeted for data breaches. The healthcare industry also saw a 30% rise in the average cost of a data breach in 2021, now estimated at $9.23 million.

Data Heroes

There were three areas that most impacted a company’s ability to identify and contain a breach in 2021, thereby reducing the overall cost:

    • Security AI
    • Cloud migration
    • Zero trust approach

Companies that took the extra steps to protect their data were rewarded with quicker resolution times and lower overall costs.

Taking Steps to Protect Data

Data breaches have always been costly. The numbers from 2021 paint a grim picture, showing that both the cost and the frequency of successful data breach incidents are on the rise. Now more than ever, it’s vital companies take every step they can to mitigate the loss of data and the millions of dollars lost with it.

SEAM provides certified, secure data destruction, electronics recycling, and value recovery of technology equipment. Located in Sioux Falls, SD, SEAM services businesses throughout North Dakota and South Dakota. Contact us for a quote today.

SEAM provides IT recycling and data destruction services including onsite shredding and hard drive wiping to South Dakota, North Dakota, Minnesota, Iowa, and Nebraska.

Schedule a pickup or contact us for more information.