Major Rise in Identity Breaches: 71% of Organizations Affected

Severity: High (Score: 69.5)

Sources: www.sophos.com, Markets.Businessinsider, Sophos, Cybersecuritydive

Summary

A recent survey by Sophos revealed that 71% of organizations experienced at least one identity-related breach in the past year, with an average of three incidents per organization. The report, based on responses from 5,000 IT and cybersecurity leaders across 17 countries, highlighted that 67% of ransomware attacks originated from identity compromises. Human error was a significant factor, accounting for 43% of incidents, while weak management of non-human identities (NHIs) contributed to 41%. The financial impact is severe, with mean recovery costs reaching $1.64 million. Organizations are struggling to manage NHIs, with only 33% regularly auditing these identities. The report emphasizes the urgent need for improved identity security measures as AI-driven attacks proliferate. Key Points: • 71% of organizations suffered at least one identity-related breach in the past year. • 67% of ransomware incidents were linked to identity compromises. • Human error and poor NHI management are primary causes of identity breaches.

Key Entities

• Data Breach (attack_type)
• Ransomware (attack_type)
• Australia (country)
• Brazil (country)
• France (country)
• Germany (country)
• India (country)
• CWE-798 - Use of Hard-coded Credentials (cwe)
• sophos.com (domain)
• Government (industry)