NATIONAL REPORT—Verizon has released its “2020 Data Breach Investigations Report” (DBIR). Now in its 13th year, the DBIR series provides a comprehensive view of global cybersecurity based on actual cyberattacks from malware to insider threats to cyber espionage, including recommendations for businesses and government agencies on how to combat attacks.
This year’s report analyzed more than 32,0000 security incidents, of which 3,950 were confirmed breaches—almost double the number of breaches analyzed in last year’s report.
Key findings from the retail and hospitality sector this year include the following:
- Credential stuffing is a significant problem, as nearly half of top hacking varieties in retail industry breaches came from stolen cards.
- Based on the vulnerability data, only about half of all vulnerabilities are getting patched within the first quarter after discovery.
- Web Applications, Everything Else and Miscellaneous Errors combined represent 72% of breaches, including the use of stolen credentials and the exploitation of vulnerable web app infrastructure.