Verizon’s 2025 Data Breach Investigations Report: System Intrusions Behind 80% of APAC Breaches

Rhea-AI Summary

Verizon Business has released its 2025 Data Breach Investigations Report (DBIR), revealing alarming cybersecurity trends in the Asia-Pacific region. The report analyzed over 22,000 security incidents, including 12,195 confirmed data breaches across 139 countries.

Key findings show that system intrusions caused 80% of APAC breaches, a significant increase from 38% last year. Malware incidents rose from 58% to 83%, with ransomware accounting for 51% of breaches. Globally, vulnerability exploitation increased by 34%, ransomware attacks rose 37%, and third-party involvement in breaches doubled.

The report highlights particular concerns for SMBs, with the median ransom payment reaching US$115,000. While 64% of organizations refused to pay ransoms (up from 50% two years ago), the report notes increased espionage-motivated attacks in Manufacturing and Healthcare sectors, along with persistent threats to Education, Financial, and Retail industries.

Positive

• Higher percentage of organizations (64% vs 50%) refusing to pay ransoms shows improved cyber resilience
• Comprehensive analysis of 22,000+ security incidents provides valuable threat intelligence

Negative

• System intrusions in APAC surged to 80% from 38% year-over-year
• Malware incidents in APAC increased significantly to 83% from 58%
• Global ransomware attacks rose 37% year-over-year
• Third-party breach involvement doubled, increasing supply chain risks
• SMBs disproportionately impacted by ransomware threats

SINGAPORE, April 23, 2025 (GLOBE NEWSWIRE) -- Verizon Business today released its 2025 Data Breach Investigations Report (DBIR), sounding the alarm on a surge of system intrusions across the Asia-Pacific region. The report reveals that 4 out of 5 data breaches in the region stemmed from such attacks - up from 38% the previous year.

Now in its 18th year, the report analysed more than 22,000 security incidents, including 12,195 confirmed data breaches spanning 139 countries. Malware increased from 58% last year in APAC to 83% this year, with Ransomware accounting for 51% of breaches.

"This year’s report reinforces the growing complexity and persistence of cyber threats facing organisations worldwide. In the Asia-Pacific region in particular, external actors are targeting critical infrastructure and exploiting third-party vulnerabilities. The rising incidence of breaches highlights the imperative for businesses to reassess their risk frameworks," said Robert Le Busque, Regional Vice President, Asia Pacific for Verizon Business.

Key APAC Findings:

• Social Engineering: The absolute number of Social Engineering breaches has been on the decline since 2021, it only accounts for 20% of breaches in 2025 due, in part, to the sharp increase of system intrusion
• Malware: Malware in data breaches jumped significantly, from 58% last year to 83% this year with email being the key vector for distributing various types of malware
• Ransomware: Now accounts for 51% of the total breaches in this region and remains highly visible as threat actors often publicize breaches
  

Key Global Findings:

• Exploitation of Vulnerabilities: This initial attack vector saw a 34% increase, with a significant focus on zero-day exploits targeting perimeter devices and VPNs
• Ransomware: Ransomware attacks rose by 37% since last year, and are now present in 44% of breaches, despite a noticeable decrease in the median ransom amount paid.
• Third-Party Involvement: The percentage of breaches involving third parties doubled, highlighting the risks associated with supply chain and partner ecosystems
• Human Element: Human involvement in breaches remains high, with a significant overlap between social engineering and credential abuse

The 2025 DBIR also shed light on industry-specific trends, revealing an alarming rise in espionage-motivated attacks in the Manufacturing and Healthcare sectors, and persistent threats to the Education, Financial, and Retail industries. The report also highlighted the disproportionate impact of ransomware on small and medium-sized businesses (SMBs).

Verizon Business's 2025 DBIR serves as a wake-up call for businesses to take immediate action to strengthen their cybersecurity posture and mitigate the risks posed by evolving cyber threats. With the median ransom payment to cybercriminals last year being US$115,000, this is a significant amount for many SMBs. By adopting a proactive and comprehensive approach to cybersecurity, businesses can help safeguard their assets, protect their customers, and ensure their long-term success in an increasingly digital world.

“This year’s DBIR findings reflect a mixed bag of results. Glass-half-full types can celebrate the rise in the number of victim organizations that did not pay ransoms with 64% not paying vs 50% two years ago. The glass-half empty personas will see in the DBIR that organizations that don’t have the proper IT and cybersecurity maturity – often the SMB sized organizations, are paying the price for their size with ransomware being present in 88% of breaches,” said Craig Robinson, Research Vice President, Security Services at IDC. “While there is no magic pill to swallow that will alleviate the pain of cybersecurity attacks, Verizon’s leadership in educating the public on the types of attacker motives, tactics and techniques is a key head start in raising global awareness and cyber readiness”

Visit our Cybersecurity Awareness page to learn more about data privacy and Verizon’s efforts.

About Verizon Business
Verizon Business is a global leader in providing communication and technology solutions to businesses of all sizes. With a comprehensive portfolio of services, including network, cloud, security, and collaboration solutions, Verizon Business helps organizations improve their operations, enhance their customer experiences, and drive innovation.

Verizon Communications Inc. (NYSE, Nasdaq: VZ) powers and empowers how its millions of customers live, work and play, delivering on their demand for mobility, reliable network connectivity and security. Headquartered in New York City, serving countries worldwide and nearly all of the Fortune 500, Verizon generated revenues of $134.8 billion in 2024. Verizon’s world-class team never stops innovating to meet customers where they are today and equip them for the needs of tomorrow. For more, visit verizon.com or find a retail location at verizon.com/stores.

VERIZON’S ONLINE MEDIA CENTER: News releases, stories, media contacts and other resources are available at verizon.com/news. News releases are also available through an RSS feed. To subscribe, visit www.verizon.com/about/rss-feeds/.

Media contact:
Nilesh Pritam
nilesh.pritam@sg.verizon.com 

FAQ

What are the key findings of Verizon's 2025 DBIR for the APAC region?

In APAC, system intrusions caused 80% of breaches, malware increased to 83%, and ransomware accounted for 51% of breaches. Social engineering decreased to 20% of total breaches.

How much did ransomware attacks increase globally according to Verizon's 2025 DBIR?

Ransomware attacks increased by 37% globally since the previous year, now present in 44% of all breaches.

What is the median ransomware payment amount reported in Verizon's 2025 DBIR?

The median ransom payment to cybercriminals was US$115,000.

How has the percentage of organizations not paying ransoms changed according to VZ's report?

64% of organizations did not pay ransoms in 2025, up from 50% two years ago.

Which industries faced increased espionage-motivated attacks according to Verizon's 2025 DBIR?

Manufacturing and Healthcare sectors experienced an alarming rise in espionage-motivated attacks.