eCommerceNews US - Technology news for digital commerce decision-makers

2025 report reveals decline in technology breach rates

Fri, 28th Mar 2025

The release of the 2025 Global Third-Party Breach Report by SecurityScorecard highlights a shift in the technology sector regarding third-party security breaches.

The report, which analyses 1,000 breaches across various industries and regions, indicates a decline in breaches involving technology products and services from 75% previously to 46.75%. This suggests a diversification of attack surfaces within the tech sector.

SecurityScorecard's Senior Vice-President of STRIKE Threat Research and Intelligence, Ryan Sherstobitoff, emphasised the increased focus on third-party access by threat actors.

He stated, "Threat actors are prioritizing third-party access for its scalability. Our research shows ransomware groups and state-sponsored attackers increasingly leveraging supply chains as entry points. To stay ahead of these threats, security leaders must move from periodic vendor reviews to real-time monitoring to contain these risks before they escalate throughout their supply chain."

The report identifies the retail and hospitality sectors as having the highest breach rate at 52.4%, followed closely by the technology industry with a rate of 47.3%, and the energy and utilities sector at 46.7%. Healthcare reported the highest number of breaches at 78, although its breach rate was below average at 32.2%.

The study highlights global hotspots for third-party breaches, with Singapore leading at a rate of 71.4%, followed by the Netherlands at 70.4%, and Japan at 60%. The United States showed a lower breach rate of 30.9%, placing it 4.6% below the global average.

According to the report, ransomware attacks often utilise third-party access, which accounts for 41.4% of such attacks. The report singles out the ransomware group Cl0p as a prolific user of these access vectors.

SecurityScorecard has offered several strategies aimed at reducing third-party breach risks based on the observed breach patterns. Security teams are advised to match risk management practices to the industry-specific risk profile, considering factors such as geography, technology, and organisational structure.

Furthermore, the importance of mitigating fourth-party risks by ensuring vendors adhere to robust third-party risk management programs is underscored. Contracts should include these requirements to help prevent exposure to additional threats from vendors.

The report recommends supporting technologies that are inherently secure by design and highlights the importance of bolstered procurement standards alongside CISA's initiative for secure design in technology selection.

In addition to these strategies, the report advises hardening high-risk infrastructures such as file transfer software and cloud services through multi-factor authentication and continuous security assessments to mitigate risks.

SecurityScorecard's findings are built upon a diverse set of data sources including open-source intelligence, security research, and government disclosures, providing a comprehensive view of the threat landscape.

The data from this report, drawn from SecurityScorecard's proprietary risk and threat intelligence, also includes non-third-party breaches for broader context.
