
Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges

Verizon’s 16th annual Data Breach Investigations Report (DBIR) provides data on ransomware costs, the frequency of human error in breaches, and BEC trends.

Verizon on Tuesday published its 16th annual Data Breach Investigations Report (DBIR) to provide organizations with useful information collected from incidents investigated by its Threat Research Advisory Center. 

The DBIR is one of the cybersecurity industry’s most anticipated reports because it is based on the analysis of a significant number of real-world incidents. For the 2023 DBIR, Verizon analyzed more than 16,000 security incidents and roughly 5,200 breaches.

The report shows — based on data from the FBI — that the median cost of ransomware incidents has more than doubled over the past two years, to $26,000. Losses were only reported in 7% of cases, with victims losing between $1 and $2.25 million. 

According to Verizon, the data shows “that the overall costs of recovering from a ransomware incident are increasing even as the ransom amounts are lower. This fact could be suggesting that the overall company size of ransomware victims is trending down. Even though the amounts requested by the threat actors would be smaller for those smaller companies—they want to get any money they can—the added costs of recovering their IT infrastructure under a backdrop of likely technical debt would spike their overall losses.”

Ransomware accounted for 24% of cybersecurity incidents analyzed by Verizon. The company saw more ransomware attacks in the past two years than in the previous five years combined.

The report also reveals that the human element was involved in approximately three-quarters of the analyzed breaches. 

Many of these attacks involved social engineering. This technique can be very useful to attackers in business email compromise (BEC) campaigns, which have more than doubled since the previous year and accounted for over half of incidents involving social engineering. 

“Senior leadership represents a growing cybersecurity threat for many organizations,” said Chris Novak, managing director of cybersecurity consulting at Verizon Business. “Not only do they possess an organization’s most sensitive information, they are often among the least protected, as many organizations make security protocol exceptions for them. With the growth and increasing sophistication of social engineering, organizations must enhance the protection of their senior leadership now to avoid expensive system intrusions.”


The report also shows that stolen credentials were leveraged in nearly half of breaches for initial access to an organization’s systems, followed by phishing (12%) and vulnerability exploitation (5%). 

In terms of motivation, 95% of attacks observed in the past year were financially motivated, with espionage being the goal in only a small percentage of attacks. 

The full Verizon 2023 Data Breach Investigations Report is available in PDF format.


Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
