Scary Stats from Data Breaches in 2021
2021 has been a record-breaking year for data – and not in a good way.
Data breach costs in 2021 were the highest in the 17-year history of the authoritative Ponemon Institute report, rising by $1.4 million. This increase is estimated to be partially due to lessened security from the higher number of remote workers in response to COVID-19.
Looking at the numbers from 2021 can help businesses start the new year prepared by knowing which industries are the most vulnerable and which modes of attack are the most common.
Top 4 Initial Attack Vectors
Data breaches and attacks tend to have familiar patterns. Here are the four most frequent offenders of 2021:
1. Compromised Credentials
Compromised passwords and usernames took the lead at 20% of data breaches and an average cost of $4.37 million. The leading cause of compromised credentials is the use of the same passwords and usernames across multiple accounts and devices.
2. Phishing
Phishing attacks were the second most frequent source of data breaches in 2021. Phishing accounted for 17% of attacks, with the second-highest average cost of $4.56 million. When employees are undereducated in security awareness, phishing attempts are more likely to succeed.
3. Cloud Misconfiguration
Cloud misconfiguration rang in as 2021’s number three source of data attacks, but on average, it had one of the lowest costs per incident, falling at an estimated $3.86 million. As with phishing, employees not being fully educated on cloud security is the leading reason for a successful attack.
4. Vulnerabilities in Third-Party Software
The fourth most frequent attack came from vulnerabilities in third-party software, with 14% of attacks coming from this vector. Having a risk-mitigation strategy in place is the best way for companies to avoid a data breach while using third-party software.
The Most Expensive Data Attacks
The most expensive type of initial vector attack in 2021 was compromised business emails. Although this attack vector-only accounted for 4% of attacks, it had by far the highest cost, averaging $5.01 million per breach. Once again, insufficient employee training is often the leading cause of vulnerability.
Data Breach by Industry
Here are 2021’s top five industries that suffered data breaches, in order of cost:
- Healthcare
- Finance
- Pharmaceuticals
- Technology
- Energy
For the eleventh year in a row, healthcare was the leading industry targeted for data breaches. The healthcare industry also saw a 30% rise in the average cost of a data breach in 2021, now estimated at $9.23 million.
Data Heroes
There were three areas that most impacted a company’s ability to identify and contain a breach in 2021, thereby reducing the overall cost:
-
- Security AI
- Cloud migration
- Zero trust approach
Companies that took the extra steps to protect their data were rewarded with quicker resolution times and lower overall costs.
Taking Steps to Protect Data
Data breaches have always been costly. The numbers from 2021 paint a grim picture, showing that both the cost and the frequency of successful data breach incidents are on the rise. Now more than ever, it’s vital companies take every step they can to mitigate the loss of data and the millions of dollars lost with it.
SEAM provides certified, secure data destruction, electronics recycling, and value recovery of technology equipment. Located in Sioux Falls, SD, SEAM services businesses throughout North Dakota and South Dakota. Contact us for a quote today.
SEAM provides IT recycling and data destruction services including onsite shredding and hard drive wiping to South Dakota, North Dakota, Minnesota, Iowa, and Nebraska.
Schedule a pickup or contact us for more information.