Click on each section to zoom in. Click on center to zoom out. Hover over each section to view title and count.
Definitions: (from Verizon's 2017 Data Breach Investifations Report)
Incident: A security event that compromises the integrity, confidentiality or availability of an information asset.
Breach: An incident that results in the confirmed disclosure, not just potential exposure, of data to an unauthorized party.
Crimeware: All instances involving malware that did not fit into a more specific pattern. The majority of incidents that comprise this pattern are opportunistic in nature and are financially motivated. This pattern will often affect customers and is where 'typical' malware infections are placed.
Cyber-Espionage: Incidents in this pattern include unauthorized network or system access linked to state-affiliated actors and/or exhibiting the motive of espionage.
Denial of Service: Any attack intended to compromise the availability of networks and systems. Includes both network and application attacks designed to overwhelm systems, resulting in performance degradation or interruption of service.
Privilege Misuse: Any attack intended to compromise the availability of networks and systems. Includes both network and application attacks designed to overwhelm systems, resulting in performance degradation or interruption of service.
Miscellaneous Errors: Incidents in which unintentional actions directly compromised an attribute of a security asset. This does not include lost devices, which are grouped with theft.
Payment Card Skimmers: All incidents in which a skimming device was physically implanted (tampering) on an asset that reads magnetic stripe data from a payment card (e.g. ATMs, gas pumps, POS terminals, etc.).
Point of Sale Intrustions: Remote attacks against the environments where card-present retail transactions are conducted. POS terminals and POS controllers are the targeted assets. Physical tampering of PIN entry device (PED) pads or swapping out devices is covered in the Payment Card Skimmers section.
Physical Theft and Loss: Any incident where an information asset went missing, whether through misplacement or malice.
Web Application Attacks: Any incident in which a web application was the vector of attack. This includes exploits of code-level vulnerabilities in the application as well as thwarting authentication mechanisms.
Everything Else: Any incident that did not classify as one of the nine patterns.
Data sourced from Verizon Enterprise's 2017 Data Breach Investigations Report. Visualization sourced from here.