2025-03-26

Cyber-attacks leveraging third-party vulnerabilities are on the rise, according to a new SecurityScorecard report.

The cyber risk assessment provider released its 2025 Global Third-Party Breach Report on March 26.

In the report, SecurityScorecard’s STRIKE Threat Intelligence Unit analyzed 1000 cyber breaches across industries and regions in 2024. It found that 35.5% of breaches were third-party related, up from 29% the previous year, an increase of 6.5 percentage points.

Additionally, third-party breaches accounted for 41.4% of ransomware attacks in 2024, with Clop being the most prolific group that leveraged third-party access vectors.

Interestingly, the report observed that “only” 46.75% of 2024 third-party breaches involved technology products and services, a drop from last year's 75%, suggesting a diversification of attack surfaces.

Ryan Sherstobitoff, SVP of SecurityScorecard’s STRIKE Threat Research and Intelligence, commented: “Threat actors are prioritizing third-party access for its scalability. Our research shows ransomware groups and state-sponsored attackers increasingly leveraging supply chains as entry points.”

Third-Party Breaches: Industry and Geographic Breakdown

The retail and hospitality sector was the most impacted, with the highest third-party breach rate (52.4%), followed by the technology industry (47.3%) and the energy and utilities industry (46.7%).

Additionally, the healthcare sector experienced the most third-party breaches in absolute terms (78), although proportionally it was less affected, with 32.2% of its breaches attributed to third-party intrusions.

Singapore-based organizations had the highest third-party breach rate (71.4%), followed by those in the Netherlands (70.4%) and Japan (60%). The US reported a lower rate (30.9%), 4.6 percentage points below the global average.

Third-Party Risk Mitigation Recommendations

Based on third-party breach patterns, SecurityScorecard offered recommendations for security teams:

Match risk management to your organization’s risk profile

Mitigate fourth-party risk by requiring vendors to maintain strong third-party risk management (TPRM) programs and include TPRM requirements in contracts

Demand ‘secure by design’ technology

Harden high-risk infrastructure, including file transfer software, cloud infrastructure, industry-specific services and VPNs, with prompt patching, multifactor authentication (MFA) and continuous security assessments

Disrupt ransomware supply chains, notably by refusing to pay ransoms

“To stay ahead of these threats, security leaders must move from periodic vendor reviews to real-time monitoring to contain these risks before they escalate throughout their supply chain,” Sherstobitoff concluded.
