40+ Third-Party Data Breach Statistics for 2024
Picture this: you're sipping your morning coffee, expecting a regular day, when suddenly you discover your personal data has been breached. According to a report that crossed our desks recently, detecting unauthorized access to your accounts or devices is most likely to provoke feelings of anger, stress, and vulnerability. The trio of emotions sounds like a great tagline for a thriller movie, doesn't it?
As uncomfortable as it might be to dive into this world of digital intrusions, it's a topic we can't ignore. In this cyber age, data breaches have transformed from a tech boogeyman into a frightening reality. After all, who among us wants to play the leading role in a real-life cyber-thriller? Cue the dramatic music and a suspenseful pause here.
Now, before you wrap your computer in bubble wrap and dig a moat around your Wi-Fi router, take a deep breath. Today, we're breaking down the often surreal world of third-party data breaches with some surprising and enlightening statistics. By the end of this blog post, our goal is not to increase your stress levels but to equip you with a more comprehensive understanding of the modern data landscape.
Let's begin our exploration into the somewhat shadowy realm of third-party data breaches and arm ourselves with knowledge, the best shield against cyber threats!
What is a third-party security risk?
A third-party security risk arises when your organization's sensitive data, systems, or services can be accessed or affected by a third-party provider or partner. This third party could be a vendor, a supplier, a contractor, or even a Software as a Service (SaaS) provider.
Take, for example, the increasingly popular SaaS applications such as Microsoft 365, Google Workspace, or Salesforce. These cloud-hosted software solutions offer various services, from productivity tools and customer relationship management to human resources and financial systems. They enable businesses to evade the complexities of building and maintaining their own software infrastructure, which can be a huge advantage.
However, these applications, given their cloud-hosted nature, have direct access to critical business data. If the SaaS provider's security measures are not robust or if they suffer a breach, your data could be exposed. This is a quintessential example of a third-party security risk.
Top third-party data breach statistics
A significant portion, approximately 38%, of individuals remain unaware that their identity is susceptible to theft.
IBM's analysis presents a worrying reality; an overwhelming 83% of surveyed organizations have been victims of more than one data breach. These breaches don't just impact the security landscape but also influence the economic one. In fact, increased prices were passed on to customers in 60% of cases following data breaches.
Alarmingly, 79% of crucial infrastructure organizations haven't implemented a zero-trust architecture, an essential component in today's cybersecurity strategy.
One critical aspect when we look at the third-party data breach statistics is that partners can be the cause. Business partners might lead to data compromise. Furthermore, the interconnectedness of businesses adds another layer of risk, as 19% of breaches occurred due to compromises with business partners.
Even as the world moves towards cloud storage, this transition isn't without risks. Cloud-based data breaches accounted for 45% of the total.
In terms of financial impact, the average cost of a data breach is severe, standing at a staggering $4.35 million. This reinforces the importance of investing in robust security measures.
Are you using cloud service providers like AWS, Azure, and Google Cloud? You might want to check our article on Cloud Security Statistics.
The issue of compromised credentials remains a significant concern. This breach method accounted for 19% of all incidents, underscoring the need for better password management and authentication practices.
Over half of the businesses, precisely 54%, fall short when it comes to adequately vetting their third-party vendors.
On average, the identification and containment of a supply chain breach take 26 days longer than the global average for other types of breaches.
Gartner has noted an uptick in 2022's cyberattacks attributed to third-party affiliates and services. It appears cybercriminals are progressively exploiting these third parties, including software vendors, to assault significant targets. This approach has resulted in cyber breaches, primarily due to Security and Risk Management (SRM) personnel's shortcomings in adequately monitoring and mitigating risks stemming from these third-party services.
Human factors and third-party risks drive cybersecurity challenges
The human element remains a substantial factor in security breaches, with a significant 82% of incidents involving aspects such as social attacks, errors, and misuse.
This is further complicated by the fact that 62% of system intrusion incidents have involved adversaries exploiting partners. These numbers underscore the vital need for comprehensive employee training and rigorous vetting of third-party partners.
The healthcare industry, in particular, has faced a significant burden, experiencing the highest average cost of a breach for an uninterrupted period of 12 years. This illustrates this sector's profound and persistent challenges in protecting sensitive patient data.
Furthermore, almost every organization, 98% to be precise, has at least one vendor that has suffered a breach in the past two years. This statistic speaks to the ubiquitous nature of cybersecurity threats in our increasingly interconnected business ecosystem and the vital importance of robust third-party risk management strategies.
Third-party data breaches due to misconfiguration
A considerable majority of companies are dealing with exposed data in cloud environments. In fact, a striking 81% of organizations have experienced sensitive data exposure due to SaaS applications.
A lack of Multi-Factor Authentication (MFA) simplifies the task for potential attackers. On average, a company harbors 4,468 user accounts without MFA, thus providing a more straightforward path for cybercriminals to access and compromise internal data.
Neglected administrative accounts put businesses at risk. Among an average of 33 super administrator accounts within an organization, more than half lack MFA, granting easier access for cyber attackers to exploit these accounts, pilfer data, establish backdoors, and cause disruption.
Unmanageable permission structures pose significant hurdles. Businesses grapple with over 40 million distinct permissions spanning across their SaaS applications. This multitude of permissions creates a complex scenario for IT and security teams tasked with mitigating and managing cloud data risks.
Biggest third-party data exposures in 2023
Discord Data Incident - May 12
The popular messaging and video chatting platform, Discord has alerted users about potential data exposure following a breach. The incident reportedly occurred due to a malicious individual gaining access through a third-party customer service representative.
Discord has informed its users that their email addresses, customer service inquiries, and any documents dispatched to Discord could have potentially been accessed. The compromised customer service agent's account has been secured, and the company is currently working diligently to confirm the absence of any lingering threats on their devices or network.
ChatGPT Data Exposure - March 24
A glitch in ChatGPT's open-source library resulted in a leakage of customer personal data, encompassing certain credit card details and the titles of some initiated chats. In the aftermath of the incident, OpenAI confirmed that "prior to ChatGPT's temporary shutdown, there existed a possibility for some users to access other active users' personal details, which included first and last names, email addresses, payment addresses, the final four digits of a credit card number, and the credit card's expiry date. Importantly, full credit card numbers remained secure throughout this period."
T-Mobile Security Incident - May 1
T-Mobile finds itself at the center of another data breach, this time impacting approximately 800 customers of the telecommunications giant. The latest reports indicate that customer contact information, ID documents, and potentially social security numbers were obtained from PIN-secured accounts, along with other personal details related to T-Mobile customers.
The extent of the accessed data was outlined in a breach notification letter dispatched to customers by T-Mobile, a copy of which was later made public by Bleeping Computer. Regrettably, this marks the second data breach for the company within the year. The first, in January, had a considerably larger impact, affecting 37 million customers. This follows previous breaches in December 2021 and November 2022, suggesting a pattern of security concerns for the company.
Data breach statistics by industry
Healthcare
For the 12th consecutive year, healthcare retained its position as the industry with the highest data breach costs.
The average comprehensive cost of a healthcare data breach increased from USD 9.23 million in 2021 to USD 10.10 million in 2022. This represents a rise of USD 0.87 million or 9.4%. The healthcare sector, recognized as critical infrastructure by the US government, is among the most stringently regulated industries.
Hacking incidents took the lead in breach reports, comprising 71.4% (555 out of 707) of the reported breaches in 2022. These hacking/IT incidents accounted for 84.6% of the total compromised records during that period.
The average size of a breach was approximately 79,075 records, while the median size stood at 8,871 records. Notably, although the number of healthcare data breaches experienced a slight decline, there was a 1.65% increase in the number of hacking/IT incidents in 2022.
In 2022, a total of 11 healthcare data breaches involving more than 1 million records and an additional 14 breaches comprising over 500,000 records were reported. The majority of these breaches fell under the category of hacking incidents, with a notable presence of ransomware attacks or extortion attempts.
However, several incidents stood out as impermissible disclosure cases resulting from the utilization of pixels on websites. These third-party tracking technologies were implemented to enhance services and website functionality. Unfortunately, when users visited these websites while logged into their Google or Facebook accounts, the collected data was unintentionally transmitted to third parties like Meta and Google.
Finance
Based on data from Cyber Risk Analytics, the finance and insurance sector emerged as the most-breached industry in 2022.
As of December 9, a total of 566 data breaches were reported in finance and insurance entities worldwide, resulting in a staggering 254 million leaked records.
Notably, approximately 57 percent of these breaches were attributed to general hacking incidents, highlighting the constant threat cybercriminals pose to this sector.
Additionally, around 6.5% of the breaches were linked to skimming activities. Although the financial sector faced a significant number of breaches, it ranked second in terms of the overall volume of data breaches that occurred throughout the year.
Suggested reading: State of Cybersecurity in the Financial Sector
Third-party data breaches in the SaaS environment
Third-party data breaches in the realm of Software as a Service (SaaS) applications pose a significant risk to organizations, as highlighted by several alarming statistics.
Multi-Factor Authentication (MFA)
The average company has a staggering 4,468 user accounts without Multi-Factor Authentication (MFA) enabled. This lack of additional security measures makes it easier for attackers to exploit vulnerabilities and gain unauthorized access to internally exposed data.
Permissions
The proliferation of SaaS applications has resulted in a complex web of permissions, with over 40 million unique permissions spread across these platforms. This vast number of permissions creates a daunting challenge for IT and security teams responsible for managing and mitigating the risks associated with cloud data.
When quantifying the potential financial impact, it becomes apparent that the average organization faces over $28 million in SaaS data breach risk. This figure underscores the need for robust security measures and proactive risk management strategies in the SaaS ecosystem.
Super admin accounts
The security of super admin accounts, which wield significant control and access privileges, is a critical concern. Shockingly, more than half of the 33 super admin accounts lack MFA protection. Compromising these privileged accounts grants attackers the ability to pilfer extensive amounts of data, create backdoors, and wreak havoc within the organization's systems.
File-sharing
The magnitude of sensitive data exposure within the cloud environment is cause for alarm. On average, each terabyte of data stored in the cloud contains over 6,000 sensitive files, nearly 4,000 folders shared with external contacts, and more than 2.1 million permissions controlling access. This extensive exposure poses a data breach crisis waiting to happen, as the potential impact and reach of unauthorized access are substantial.
Recent findings from the BetterCloud 2023 State of SaaSOps report paint a concerning picture. Approximately 81% of organizations have experienced the exposure of sensitive SaaS data, a substantial increase from 48% in the previous year. Despite this, only around 60% of organizations believe they invest enough resources to adequately protect data within SaaS applications, indicating a concerning perception gap between investment and the actual risks at hand.
To mitigate these risks, organizations must prioritize implementing robust security measures, such as enabling MFA for user accounts, conducting thorough permissions management, and regularly assessing and securing super admin accounts. Acknowledging the potential vulnerabilities and taking proactive steps to protect sensitive data within the SaaS environment is crucial.
Protect your data across the SaaS landscape
Resmo helps modern companies that implement third-party SaaS applications into their day-to-day work to secure SaaS usage, configurations, and data in their workplace. It natively integrates with popular SaaS tools, including Slack, Hubspot, Salesforce, GitHub, and Google Workspace. With Resmo, you can:
- Identify potential vulnerabilities
- Track user activities
- Discover the SaaS tools employees in your organization login to
- Automate SaaS security and compliance checks
- Eliminate Shadow IT
- See if MFA is activated across SaaS apps
- Detect overly permissive access rights
- Spot weak/repeated passwords
With Resmo, you can take proactive steps to safeguard your data across SaaS environments. Its powerful features empower your organization to reduce the risk of data breaches, enhance security controls, and strengthen overall data protection posture.
Find unauthorized SaaS usage in your company
What to read next:
