Verizon Business’s 2025 Data Breach Investigations Report (DBIR) reveals a sharp increase in global data breaches, with EMEA experiencing a significant surge in system intrusion breaches, nearly doubling to 53% in one year.
The report, analysing over 22,000 security incidents (including 12,195 confirmed breaches), found third-party involvement doubling to 30% and vulnerability exploitation rising by 34% globally.
In EMEA, 29% of breaches originated internally, compared to 1% in APAC and 5% in North America. Although the highest percentage of internal breaches was in EMEA, the number of insider incidents decreased by 41% due to a faster increase in other breach types.
Key EMEA findings include system intrusion breaches rising to 53%, internal breaches accounting for 29% (19% unintentional, 8% misuse), and social engineering as the second most common incident pattern, with phishing in 19% of breaches.
Globally, exploitation of vulnerabilities increased by 34%, with a focus on zero-day exploits. Ransomware attacks rose by 37% and are present in 44% of breaches.
“The alarming rate of employee-driven breaches in EMEA underscores a critical need for businesses to strengthen their internal cybersecurity. Organisations must go beyond guarding against external threats and foster a culture of security awareness and accountability within,” said Sanjiv Gossain, Group Vice President and Head of EMEA of Verizon Business.
