Summary

This pattern was recalibrated and now consists primarily of Physical tampering cases, in addition to three shiny new Environmental cases, which still have that new incident smell. It does not feature prominently in any of the industries this year and has been relegated to the “stuff leftover that didn’t fit in anywhere else” status it formerly occupied prior to the astronomical rise of Social Engineering.

Frequency

129 incidents, 38 with confirmed data disclosure

Threat Actors

External (95%), Internal (5%) (breaches)

Actor Motives

Financial (100%) (breaches)

Data Compromised

Payment (61%-96%) (breaches)

The fairway plot (Figure 94) provides a good illustration of the two main types of incidents that ended up in the Everything Else pattern. As you may recall from last year, this pattern was quite popular and could be found in the top three patterns in several industries. It was clearly time for us to recalibrate when our catch-all bucket was full to overflowing with incidents that didn’t fit the other patterns.

Now that we’ve sifted through the data and completed our recalibration (which is covered at length in the Introduction to Patterns section), there are still a few incidents and breaches that fit into the Everything Else pattern. They are Physical tampering cases (think ATM and gas pump skimmers) and the so-rare-we-are-excited-to-be-able-to-talk-about-it-FINALLY Environmental cases. Yes, you read that correctly, we actually had three cases from the Environmental action that made it into the dataset this year. It does our geeky VERIS hearts proud to finally be able to talk about them. We considered creating “Ask me about my Environmental breaches” bumper stickers, but bumper stickers are bad for the environment.

We used to have (back in the murky depths of antiquity) an entire pattern devoted to Payment Card Skimmers, but they have been decreasing dramatically in our dataset over the years. This year we saw an even sharper drop-off than ever before. There were only 20 skimming incidents (all confirmed breaches) in the dataset this year. We attribute this decrease, at least in part, to the travel restrictions related to COVID.

In prior years, particularly in the public dataset (VCDB),⁷² we saw evidence of skimming groups from abroad coming into the U.S., and installing skimming devices on their infrastructure of choice (some favor ATMs, some focus on Gas terminals). In fact, one could almost plot their progress along the major routes before they would presumably return to their place of origin along with their stolen data. Given the travel restrictions that began in March of 2020, the freedom to carry out this type of concentrated raid has significantly diminished. And while it is possible that this kind of breach is no longer being tracked at the national level, we like to think there is at least one positive outcome from what has been a very difficult year for most of the world.

Now, on to our Environmental breaches. As mentioned, we only have three of them, which is admittedly a very small number. However, they are separate and distinct events. We saw incidents that arose from one fire, one hurricane and one tornado (Table 3). All three affected paper documents strewn to the winds (in the classic Wizard of Oz fashion) from the violence of their encounters with the forces of nature. The actor in these cases is considered External of type Force majeure. We hope nature will now retire from the data breach stage and leave the loss of records to the normally scheduled actors.

⁷² https://github.com/vz-risk/VCDB