Skip to main content

Human error to blame for 9 in 10 UK data breaches last year

(Image credit: Image source: Shutterstock/wk1003mike)

Most data breaches that occurred last year were a result of human error, says a new report from CybSafe.

The UK’s Information Commissioner’s Office (ICO) told CybSafe a total of 2,376 incidents were reported last year, up from 1,854 in 2018 and 540 in 2017.

Nine in ten incidents were caused by human error. Almost half (45 percent) of these incidents came about as a result of phishing scams (opens in new tab), followed by unauthorised access, and malware and ransomware.

Hardware misconfigurations and brute force password attacks were also responsible for some breaches.

Phishing didn’t become the most popular attack method overnight – its popularity has grown in recent years. In 2017, organisations reported 16 successful phishing attempts (opens in new tab), 877 in 2018 and 1,080 in 2019.

“Staff can make a variety of mistakes that put their company’s data or systems at risk, often because they lack the knowledge or motivation to act securely, or simply because they accidentally slip up,” said Oz Alashe, CEO of CybSafe.

“People also have an important role to play in helping to protect the companies they work for, and human cyber-risk can almost always be significantly reduced by encouraging changes in staff cyber awareness, behaviour, and culture,” he concluded.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.