Data breaches are getting worse - and many are coming from a familiar source

Employee errors are still the number one cause of breaches

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hacking an IT network viazero-day vulnerabilitiesmay grab all the headlines, but the vast majority of cybersecurity-related incidents come as a consequence of employee error.

The latest Verizon Business Data Breach Investigations Report (DBIR) found half (49%) of the incidents across the EMEA region are initiated internally.

Across the EMEA region, the top reasons for cybersecurity incidents include “miscellaneous errors, system intrusion, and social engineering” (87% of all breaches).

Zero-days still a major threat

When hackers make their way into an IT network, they mostly steal personal information (64%), followed by internal data (33%), and login credentials (20%).

But even when data breaches aren’t accidental and include a malicious third party, they are still initiated with a non-malicious human action, Verizon further explains. That means that an employee will either make a mistake, or fall prey to a social engineering attack.

“The persistence of the human element in breaches shows that organizations in EMEA must continue to combat this trend by prioritizing training and raising awareness of cybersecurity best practices,” said Sanjiv Gossain, EMEA Vice President, Verizon Business.

However, the increase in self-reporting is promising and indicates a cultural shift in the importance of cybersecurity awareness among the general workforce.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

This doesn’t mean that attacks via zero-days are negligible. In fact, globally, the exploitation of vulnerabilities as an initial point of entry increased since last year, accounting for 14% of all breaches, Verizon’s report further stated. This spike was driven mostly by the MOVEit cyberattack, which saw the ransomware actors known as Cl0p abusing a zero-day in the managed file transfer solution to compromise thousands of organizations worldwide, and steal enormous amounts of sensitive information.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Nvidia RTX 5090 Ti suddenly pops up – and RTX 6000 GPUs are mentioned in trademark filings too – but don’t get excited