Verizon Business has published its 2025 Data Breach Investigations Report (DBIR), revealing a sharp increase in cyberattacks driven by third-party access and unpatched vulnerabilities. The report analyzed over 22,000 incidents, including 12,195 confirmed breaches, and found that 30% of breaches involved third parties—double last year’s figure. Exploitation of vulnerabilities as an initial attack vector rose by 34%, underscoring growing risks at the edge of corporate networks.
Credential abuse (22%) and vulnerability exploitation (20%) were the leading vectors of breach entry. Ransomware remained a persistent threat, present in 44% of breaches, although the median ransom payment declined to $115,000. Despite this, ransomware disproportionately impacted small and medium-sized businesses (SMBs), appearing in 88% of breaches among this group. Human factors also remained a core vulnerability, with social engineering continuing to drive credential-based compromises.
Verizon’s findings emphasize the need for organizations to adopt a multi-layered cybersecurity strategy. Recommendations include timely vulnerability patching, stronger authentication policies, and expanded employee training. The report also called attention to increased espionage-motivated attacks in Manufacturing and Healthcare, while Education, Financial, and Retail sectors continue to face ongoing threats.
- 30% of breaches involved third-party access—double from the previous year.
- Vulnerability exploitation increased by 34%, particularly zero-day attacks on perimeter devices.
- Ransomware present in 44% of breaches; median ransom down to $115,000.
- SMBs continue to bear the brunt of ransomware attacks, with an 88% breach rate.
- Human error and credential abuse remain top contributing factors in breaches.
“Businesses need to invest in robust security measures, including strong password policies, timely patching of vulnerabilities, and comprehensive security awareness training for employees,” said Chris Novak, Vice President, Global Cybersecurity Solutions, Verizon Business.
