BlogNews4TH JUL 2024
AuthorHana Salman
8 min read

DBIR 2024: 9 industries most impacted by cyber attacks

feature image for DBIR 2024 report about industries hit by cyber attacks
BlogNews4TH JUL 2024
8 min read

DBIR 2024: 9 industries most impacted by cyber attacks

AuthorHana Salman
feature image for DBIR 2024 report about industries hit by cyber attacks

Verizon’s DBIR 2024 report has cataloged 30,458 incidents from November 1, 2022 to October 2023. Out of these, almost one-third were confirmed incidents related to data breaches.

Today, we will be breaking down which industries bore the brunt of these cybersecurity incidents and how they have fared since the preceding year.

Industries most impacted by cyber attacks

At its core, a cyber attack’s destructivity is directly proportional to how important the targeted data is.

Essentially what that means is that different industries will react differently to security incidents and data breaches because of differing attack surfaces. This is why it is instrumental in understanding that an industry’s security standing cannot only be determined based solely on incident reports.

Nonetheless, by analyzing the patterns of security and data breaches, business owners and security teams alike have the invaluable insight they need to work towards formulating their incident response plans.

Let’s break the data from the DBIR 2024 report down based on nine industries hit hard by cyber attacks:

Accommodation and food services

Frequency: 220 incidents | 106 confirmed data breaches

Data compromised:

  • Credentials - 50%

  • Personal - 28%

  • Payment - 19%

  • System - 19%

  • Other - 16% (breaches)

The accommodation and food services industry faces three main core threats:

  • Social engineering

  • System intrusion

  • Web application attacks

Regarding social engineering, there has been a remarkable increase since last year, possibly due to an increase in pretexting, which has more than doubled since last year and now accounts for 20% of social engineering incidents.

accommodation-food-cyber-incidents DBIR 2024

Ransomware continues to be one of the top attack varieties, as it has been for the last three years. However, this year instead of the proportion of these attacks increasing, they have been held constant at 16% of all incidents.

In other news, payment card data being compromised has dropped to an all-time low. This is believed to be due to improved security measures in chip technology that are causing attackers to change their focus toward other approaches.

Educational services

Frequency: 1,780 incidents | 1,537 confirmed data breaches

Data compromised:

  • Personal - 83%

  • Internal - 20%

  • Other - 18%

  • Credentials - 9%

With regards to the educational services industry, here are the top error varieties committed by internal actors that lead to cyber incidents:

  • Misdelivery - 56%

  • Loss - 19%

  • Classification errors - 10%

  • Others - 15%

education-cybersecurity-incidents DBIR 2024

Apart from these, the education sector has been affected by three main malware types:

  • Backdoor - 57%

  • Hacking (exploiting vulnerabilities) - 56%

  • Social (extortion) - 50%

Financial and insurance

Frequency: 3,348 incidents | 1,115 confirmed data breaches

Data compromised:

  • Personal - 75%

  • Other - 30%

  • Bank - 27%

  • Credentials - 22%

The top three patterns this year were social engineering, miscellaneous errors, and system intrusion. Unlike last year, Basic Web Application Attacks were not a part of the top three patterns.

insurance-cybersecurity-incidents DBIR 2024

These differences could potentially show that organizations in this sector may be taking more precautions in terms of cybersecurity, forcing attackers to use more complicated malware.


Frequency: 1,378 incidents | 1,220 confirmed data breaches

Data compromised:

  • Personal - 75%

  • Internal - 51%

  • Other - 25%

  • Credentials - 13%

The trend of decreasing malicious insider threats in the healthcare sector that had been maintained since 2018 began to reverse since last year, continuing to increase this year.

healthcare-cybersecurity-breaches DBIR 2024

In this sector, misdelivery seemed to be the most prominent error, while loss and gaffe followed suit.



Frequency: 1,367 incidents | 602 confirmed data breaches

Data compromised:

  • Other - 46%

  • Personal - 45%

  • Credentials - 27%

  • Internal - 22%

The Information sector showed 741 fewer security breach incidents this year as compared to last year.

The top action varieties in this industry this year were:

  • Ransomware

  • The use of stolen creds

top-attack-patterns-information-industry DBIR 2024

With regards to social engineering, there was a slight decrease in phishing attacks along with a corresponding rise in pretexting, indicating that attackers are having to use more complicated cyberattack techniques.


Frequency: 2,305 incidents | 849 confirmed data breaches

Data compromised:

  • Personal - 58%

  • Other - 40%

  • Credentials - 28%

  • Internal - 25%

The proportions of errors in the manufacturing sector this year were spread as follows:

  • Misdelivery - 48%

  • Loss - 20%

  • Misconfiguration - 18%

System intrusion continues to be the most common attack variety in this sector with social engineering and miscellaneous errors being the second and third most common respectively.


Social engineering remains steady with regard to breaches in this sector due to action varieties such as:

  • Phishing - 55%

  • Pretexting - 42%


Professional, Scientific and Technical services

Frequency: 2,599 incidents | 1,314 confirmed data breaches

Data compromised:

  • Personal - 40%

  • Credentials - 38%

  • Other - 33%

  • Internal - 23%

Like most of the industries covered, social engineering and system Intrusion are in the most common patterns, although there’s also the inclusion of Miscellaneous Errors.


The main action varieties used in this sector were as follows:

  • Ransomware - 24%

  • Business Email Compromise - 20%

  • Pretexting - 40%

Public Administration

Frequency: 12,217 incidents | 1,085 confirmed data breaches

Data compromised:

  • Personal - 72%

  • Internal - 37%

  • Other - 31%

  • Credentials - 17%

This year, the miscellaneous errors attack pattern surged to the top spot in the public administration industry with system intrusion and social engineering following suit.

The most recurring error in this vertical was misdelivery (when information is wrongly delivered).

public-administration-cyber-attacks-patterns DBIR 2024

Internal actors were the top threat this year indicating the fact that even well-intentioned employees can trigger a data breach simply by being careless.


Frequency: 725 incidents | 369 confirmed data breaches

Data compromised:

  • Credentials - 38%

  • Payment - 25%

  • System - 20%

  • Other - 31%

In the retail sector, the three main patterns were system intrusion, social engineering and basic web application attacks, in that respective order.

retail-industry-breaches DBIR 2024

In other news, Pretexting has emerged triumphant over Phishing as the top social action in this industry.


Multiple patterns have been uncovered in this year’s Data Breach Investigations Report 2024, from errors to action varieties. By studying the data, security teams and organizational IT personnel can formulate or alter their measures against cyber attacks based on what industry they're working in. These reports help specialists establish parallels to previous years, as well as anticipate patterns for the future to better secure business’ sensitive data.

Note: This post is part of our extensive coverage of Verizon's Data Breach Investigations Report 2024, detailing the top cybersecurity threats faced by governmental, non-profit, and corporate organizations.

Hana Salman / Freelance Contributor
Hana enjoys content writing and learning about new topics such as cybersecurity. She plans to someday be a psychologist to understand people better as well as help them understand themselves.
FAQsFrequently Asked Questions
The Verizon Data Breach Investigations Report (DBIR) is an annual publication by Verizon that provides a comprehensive analysis of data breaches and cybersecurity incidents. The report is based on an extensive collection of data from real-world security incidents, including data breaches, contributed by a wide range of organizations and security partners.
Ransomware attacks can result in data loss, financial losses, operational disruptions, and reputational damage. Depending on the severity of the attack and the importance of the encrypted data, organizations and individuals may face significant consequences.
The frequency of data backups depends on the criticality of your data and how frequently it changes. For important documents or files, it's recommended to back up at least once a day or more frequently if needed.