Verizon Breach Report Finds Targeted C-Suite, Steady Ransomware

Thom Weidlich 05.16.19


Verizon’s latest data-breach report, its 12th annual, finds an increase in C-suite executives targeted, a steady dose of ransomware, and a turning to web-application compromises for the retail sector as opposed to point-of-sale manipulations. These are trends to be aware of for both prevention and communication purposes.

The “Verizon 2019 Data Breach Investigations Report” analyzes 41,686 security incidents, including 2,013 confirmed breaches, from 86 countries. The data come from 73 contributors, both public and private, including — for the first time — the FBI. (You can read the executive summary here.)

A major finding is an increase in intruders targeting C-level executives for entryway; this may be because those company leaders have access to so much sensitive information. Companies still aren’t focused enough on educating employees — even high-sitting employees — about the risks of cybercrime.

As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed.

— Bryan Sartin, Verizon’s executive director of security professional services

“Senior executives are 12 times more likely to be the target of social incidents, and nine times more likely to be the target of social breaches than in previous years — and financial motivation remains the key driver,” according to the May 8 press release announcing the report.

On the other hand, Verizon found six times fewer human-resource personnel impacted over last year — so-called W-2 tax-form scams almost disappeared from the data.

Ransomware remains a problem, accounting for 24 percent of malware incidents (though that’s down from 39 percent in last year’s report). “Ransomware has become so commonplace that it is less frequently mentioned in the specialized media unless there is a high-profile target in the mix,” according to the report. In recent weeks, both Baltimore City and the Weather Channel have had such attacks.

Cloud Services

The growing use of cloud services is exposing companies to increased risk, specifically a shift toward the compromise (via stolen credentials) of email accounts that are cloud-based, Verizon says. Basically, the criminals are moving from hacking emails on companies’ servers to hacking emails in the cloud.

“As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed,” Bryan Sartin, Verizon’s executive director of security professional services, said in the press release.

In an encouraging sign, security-awareness vendors report that the click rates on simulated phishing attacks in training continue to plummet (down to 3 percent).

Finally, Verizon reports that the number of physical-terminal compromises in breaches related to payment cards is decreasing compared to web-application compromises. The company suggests this may be due to the success of cards that have chips and require a PIN (“chip and pin” technology).

“Since 2015, point-of-sale breaches have decreased by a factor of 10, while web application breaches are now 13 times more likely,” Verizon said.

This is not strictly a retail story, though that vertical can be assumed to be a big part of it; the data come from the National Cyber-Forensics and Training Alliance, which tracks card-present versus card-not-present fraud, but independent of industry.

Image Credit: Shutterstock

This is an abridged version of an article that appeared today on the CrisisResponsePro paid subscription portal. (CrisisResponsePro subscribers can access the full version by clicking here. ID and password are required.) To take advantage of all of the content, data, and collaborative resources CrisisResponsePro has to offer, contact us at


Related:What We’ve Got Here Is Failure to Communicate: Data-Breach Survey