Bountiful EMEA Data Breaches 2021: Europe+Middle East+Africa

Bountiful EMEA Data Breaches 2021: Europe + Middle East + Africa

EMEA Data Breaches 2021 is composed of breaches originating from Europe, the Middle East and Africa. For the 2nd year in a row, Basic Web Application Attacks are the most typically seen pattern in this region, accounting for approximately 54% of breaches. Often these attacks are focused on acquiring the data within the application itself, however, in other cases, it is simply a method to an end of performing other types of havoc.

The System Intrusion, Social Engineering and Miscellaneous Errors patterns are all closely grouped for 2nd place in this area. Without a doubt the most typically breached data method in EMEA is Credentials (username/password), and this goes some way towards discussing the placement of the patterns. While in most cases we know that stolen Credentials were utilised, we do not always have visibility from where were initially acquired. However, we do understand that Social Engineering in the form of Phishing is very frequently the means attackers utilise to obtain them.

No matter how they originally got their sticky fingers on them, using stolen Credentials is the primary instrument by which the attacker hacks into the business, and in most cases, it is through a Web application. Lastly, almost 18% of actors in EMEA Data Breaches 2021 are Internal (usually system administrators), which explains the existence of Miscellaneous Errors in the top 4 patterns. In the majority of cases (67%), these are unintended Misconfiguration mistakes.

EMEA breaches: Europe, Middle East and Africa

• 5,379 incidents
• 293 confirmed data disclosures

Top Patterns:

representing 83% of breaches

• Basic Web Application Attacks
• System Intrusion
• Social Engineering