https://www.verizon.com/business/resources/reports/dbir
Verizon’s 2025 Data Breach Investigations Report (DBIR) paints a concerning picture of today’s cybersecurity landscape, with third-party involvement in breaches doubling to 30% and vulnerability exploitation jumping by 34%. The comprehensive analysis, which examined over 22,000 security incidents including 12,195 confirmed data breaches, signals an urgent need for organisations to reassess their security strategies.
Credential abuse and vulnerability exploitation continue to dominate as the primary attack vectors, accounting for 22% and 20% of initial breaches respectively. The report reveals a particularly troubling trend in zero-day exploits targeting perimeter devices and VPNs, creating new challenges for security teams racing to implement patches.
“The DBIR’s findings underscore the importance of a multi-layered defense strategy,” said Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon Business. “Businesses need to invest in robust security measures, including strong password policies, timely patching of vulnerabilities, and comprehensive security awareness training for employees.”
Ransomware attacks have increased by 37% since last year and now appear in 44% of all breaches. While the median ransom payment has decreased, the typical payout of US$115,000 remains devastating for many small and medium-sized businesses, which are disproportionately targeted by these attacks. Even more concerning, ransomware was present in 88% of breaches affecting SMBs.
The doubling of third-party involvement in breaches highlights the expanding attack surface created by supply chain and partner ecosystems. This trend underscores the need for organisations to extend security protocols beyond their own networks to include vendor risk assessments and third-party security evaluations.
Industry-specific findings reveal an alarming rise in espionage-motivated attacks targeting the Manufacturing and Healthcare sectors, while Education, Financial, and Retail industries continue to face persistent threats.
Despite these worrying trends, the report offers some positive developments, with 64% of victim organisations refusing to pay ransoms, up from 50% two years ago.