Delfigo Security - Strong Authentication

  • Increase font size
  • Default font size
  • Decrease font size
Home Strong Authentication Stolen Credentials Featured Prominently in 2010 Data Breach Investigations Report

Stolen Credentials Featured Prominently in 2010 Data Breach Investigations Report

The Verizon Risk Teams' 2010 Data Breach Investigations Report, compiled along with data from the United States Secret Service, looked at 141 confirmed breach cases worked by Verizon and the USSS in 2009. One area of the report examined what a particular threat agent did to cause or contribute to a breach. Under the threat hacking, the use of stolen credentials was number one in both the Verizon and USSS datasets.

 Threat Action

 % of Breaches

% of Records 

Malware

 38%

  94%

Hacking

 40%

 96%

Social

 28%

3%

Misuse

 48%

 3%

Physical 

 15%

 1%

Error

 2%

 0%

Environmental

 4%

  0%

 "The amount of breaches that exploit authentication in some manner is a problem. In our last report it was default credentials; this year it’s stolen and/or weak credentials. Perhaps this is because attackers know most users are over-privileged. Perhaps it’s because they know we don’t monitor user activity very well. Perhaps it’s just the easiest way in the door."

Source: 2010 Data Breach Investigations Report