The Role of Third Parties and Machine Credentials in 2025’s Major Data Breaches
May 06, 2025
AI Security / Enterprise IT
In the 2025 Verizon Data Breach Investigations Report (DBIR), it wasn’t just ransomware or zero-day exploits that caught attention; rather, it was the underlying factors that enabled these incidents. Two significant contributors to this year’s most severe breaches emerged: third-party vulnerabilities and machine credential misuse. The report revealed that third-party involvement in breaches surged from 15% to 30% year-over-year. Simultaneously, cybercriminals increasingly leveraged machine credentials and unmanaged machine accounts to infiltrate systems, escalate privileges, and steal sensitive data. The takeaway is clear: protecting only employee accounts is no longer sufficient. To effectively combat modern threats, organizations must implement a comprehensive security strategy that encompasses all identities—human, non-employee, and machine.
The Escalating Threat of Third-Party Risks
Today’s enterprises operate within a complex network of partnerships, including contractors, vendors, and more.
AI Security / Enterprise IT
Today’s enterprises operate within a complex network of partnerships, including contractors, vendors, and more.
Third Parties and Machine Credentials: Key Contributors to 2025’s Security Breaches May 06, 2025 AI Security / Enterprise IT The 2025 Verizon Data Breach Investigations Report (DBIR) revealed that the most pressing issues in this year’s data breaches weren’t the sensational headlines of ransomware attacks or zero-day vulnerabilities, but rather…
The Role of Third Parties and Machine Credentials in 2025’s Major Data Breaches
May 06, 2025
AI Security / Enterprise IT
In the 2025 Verizon Data Breach Investigations Report (DBIR), it wasn’t just ransomware or zero-day exploits that caught attention; rather, it was the underlying factors that enabled these incidents. Two significant contributors to this year’s most severe breaches emerged: third-party vulnerabilities and machine credential misuse. The report revealed that third-party involvement in breaches surged from 15% to 30% year-over-year. Simultaneously, cybercriminals increasingly leveraged machine credentials and unmanaged machine accounts to infiltrate systems, escalate privileges, and steal sensitive data. The takeaway is clear: protecting only employee accounts is no longer sufficient. To effectively combat modern threats, organizations must implement a comprehensive security strategy that encompasses all identities—human, non-employee, and machine.
The Escalating Threat of Third-Party Risks
Today’s enterprises operate within a complex network of partnerships, including contractors, vendors, and more.
