Skip to main content

🔒 Trends in data breaches across 10 commonly targeted industries

Generic hacking computer (Bill Hinton, Getty Images)

If you’ve ever worked in any number of office jobs, you’ve probably become familiar with mandatory computer safety training courses and those persistent reminders to change your password every few months.

These efforts are just the first line of defense for protecting companies and organizations from dreaded (and often costly) cyberattacks. The hackers behind these attacks may hold data for ransom or, worse, sell off sensitive business information and clients’ personal data. Prominent data breaches have made headlines in recent months, impacting customers of the insurance company UnitedHealth, the investment company Fidelity, and the documentation startup Mintlify.

Recommended Videos



A closeup of part of a building facade made of light colored stone. Two American flags flying in front of the building on flagpoles.
Canva

Public administration

- Total security incidents: 3,273, data breached in 584
- Share of incidents with external actors: 85%
- Motives in successful breaches: Financial (68%), espionage (30%), ideology (2%)
- Information compromised in successful breaches: Personal (38%), other (35%), credentials (33%), internal (32%)

Government computer systems are a treasure trove of personal information, and it's not surprising that hackers see them as a target. According to the Verizon report, this sector also has a high percentage of espionage-motivated actors (i.e., countries spying on each other).

A highly visible example of this sort of espionage was the Chinese spy ballon, which flew over the U.S. in early 2023 until it was shot down. Officials from the Biden Administration have since alluded to some form of counter-espionage by insisting they got more "intelligence out of the device than it got as it flew over the U.S.," according to an NBC news report.

A cluster of tall glass skyscrapers in dense urban environment.
Canva

Financial and insurance

- Total security incidents: 1,832, data breached in 480
- Share of incidents with external actors: 66%
- Motives in successful breaches: Financial (97%), espionage (3%), convenience (1%), ideology (1%)
- Information compromised in successful breaches: Personal (74%), credentials (38%), other (30%), bank (21%)

According to the Verizon report, basic web application attacks—in which hackers use stolen credentials or a well-known vulnerability—are a "top pattern" among hackers in this category.

"Poorly picked and protected passwords continue to be one of the major sources of breaches within this pattern," the report says. The takeaway? Listen to your IT friends and change both your work and personal passwords regularly.

A group of medical staff, three women and a man standing close.  A young woman holding a flat device in her hands looking at the woman in front of her.
Canva

Health care

- Total security incidents: 525, data breached in 436
- Share of incidents with external actors: 66%
- Motives in successful breaches: Financial (98%), espionage (2%), fun (1%), ideology (1%)
- Information compromised in successful breaches: Personal (67%), medical (54%), credentials (36%), other (17%)

The UnitedHealth breach may be making headlines right now, but it won't be long before another health care system or insurer will get hacked. Loss of a health care provider's normal software or computer systems can have life-threatening consequences, as they are forced to work without access to their regular files.

Verizon reports that this sector is often targeted by ransomware gangs: groups of cybercriminals who hold data hostage until the victim gives in to their financial demands. In 2019, a ransomware attack allegedly led to a baby's death at an Alabama hospital when the attack knocked out heart-rate monitoring systems.

Overhead view of an accountant working at a desk.
Canva

Professional, scientific, and technical services

- Total security incidents: 1,398, data breached in 423
- Share of incidents with external actors: 92%
- Motives in successful breaches: Financial (96%), espionage (4%), convenience (1%)
- Information compromised in successful breaches: Personal (57%), credentials (53%), other (25%), internal (16%)

This "catch-all" category includes lawyers, accountants, and other business services. "Denial of services"—when a malicious actor blocks legitimate users from accessing their systems—continues to be a top "action" in cyberattacks on this sector, according to Verizon. Additionally, 23% of these incidents were due to ransomware, up from 14% in the previous year's report.

Two IT professionals sharing information on a laptop.
Canva

Information

- Total security incidents: 2,110, data breached in 384
- Share of incidents with external actors: 81%
- Motives in successful breaches: Financial (92%), espionage (8%)
- Information compromised in successful breaches: Personal (51%), credentials (37%), other (35%), internal (19%)

External parties with financial incentives continue to cause the most security incidents in this sector. Only 8% were motivated by espionage, compared to 20% last year, according to the report.

A computer screen with drawings of machines siting on a desk with machines in the background.
Canva

Manufacturing

- Total security incidents: 1,817, data breached in 262
- Share of incidents with external actors: 90%
- Motives in successful breaches: Financial (96%), espionage (4%), convenience (1%)
- Information compromised in successful breaches: Personal (60%), credentials (38%), other (37%), internal (18%)

Manufacturing is a tech-heavy field, and companies need protect not only their production line, but also their consumer-facing services.

Customers innocently shopping for cleaning products and storage containers on the manufacturer OXO's website in 2017 and 2018 may have unknowingly fed hackers their payment information. The company reported that its servers were compromised three separate times over those two years. OXO hired a security firm to fix the vulnerabilities and offered those affected a free credit monitoring service.

Overhead view of students working in a large university library.
Canva

Educational services

- Total security incidents: 497, data breached in 238
- Share of incidents with external actors: 72%
- Motives in successful breaches: Financial (92%), espionage (8%), convenience (1%), fun (1%)
- Information compromised in successful breaches: Personal (56%), credentials (40%), other (25%), internal (20%)

Think about all the sensitive information that gets exchanged when you apply to a new university. University databases, like the one Stanford kept of doctoral applicants to the economics department, are prime targets for malicious actors.

A woman and a man wearing blue shirts and badges are both looking at the acrylic stand in a store.
Canva

Retail

- Total security incidents: 406, data breached in 193
- Share of incidents with external actors: 94%
- Motives in successful breaches: Financial (100%), espionage (1%)
- Information compromised in successful breaches: Payment (37%), credentials (35%), other (32%), personal (23%)

The news cycle warns us of "card skimmers" every few months, so hackers targeting retail sales systems may come as no surprise to customers. However, hackers are also attacking your favorite online retail websites.

"Within retail, we often find the 'Magecart'-type actors," the Verizon report says. "These criminals find ways of embedding their malicious code within your site's credit card processing page. This allows them to quietly and subtly abscond with your customers' payment data without actually affecting the functionality of your website."

An older man wearing an apron behind a counter in a cafe looking at the computer in front of him. African American woman in the background is leaning towards the counter in front of her.
Canva

Accommodation and food services

- Total security incidents: 254, data breached in 68
- Share of incidents with external actors: 93%
- Motives in successful breaches: Financial: 100%
- Information compromised in successful breaches: Payment (41%), credentials (38%), personal (34%), other (26%)

Hackers love to use RAM scrapers, which cull through a computer's short-term memory and can collect lucrative payment data, to target point-of-sale technology. According to Dan Wahl, the senior manager of Restaurant Insurance Solutions at CoverWallet, a restaurant owner's first step should be making sure their payment system complies with the Payment Card Industry Data Security Standard to help protect against these kinds of attacks.

A mining site in operation at dusk.
Canva

Mining and utilities

- Total security incidents: 143, data breached in 47
- Share of incidents with external actors: 80%
- Motives in successful breaches: Financial (63%–93%), espionage (4%–32%), grudge (1%–21%), ideology (0%–15%), convenience/fear/ fun/other/ secondary (0%–7% each)
- Information compromised in successful breaches: Personal (50%), internal (33%), other (26%), credentials (24%)

Lastly, companies and public entities in the mining, quarrying, and oil and gas extraction and utilities sector provide critical infrastructure that can still be prone to attacks. Just like when they attack other industries, hackers like to use "system intrusion," or multistep processes to break into digital systems, steal data, get out, and then either hold the data for ransom or leak it.

In a drawn-out project, Chinese hackers have stealthily hidden in U.S. infrastructure for up to five years without attacking. If the two countries went to war, this access could turn destructive, according to an NBC News report.

Story editing by Shannon Luders-Manuel. Copy editing by Tim Bruns. Photo selection by Ania Antecka.

This story originally appeared on Drata and was produced and distributed in partnership with Stacker Studio.

Loading...

Recommended Videos