Manufacturing and utilities firms leaked millions more records last year

Ransomware
Image credit: Shutterstock (Image credit: Shutterstock)

For manufacturing and utilities firms in the United States, last year wasn’t great when it comes to securing sensitive data. 

According to new figures from Comparitech, organizations in these industries have seen more breaches compared to earlier years, more data stolen, and higher overall costs of the incidents.

As per the report, last year manufacturing and utility businesses suffered 302 data breaches, and in those incidents they lost more than 87 million records (including customer data) - and the cost of these affected records exceeded $14.4 billion.

Ransomware attacks

The average number of records stolen per incident is almost 400,000, Comparitech further explained, stating that this represents a 14% increase on 2022’s average, which was around 350,000.

The most affected state was California, with 34 breaches, followed by Texas (24) and New York (22). Pennsylvania and Colorado, however, had the highest number of records affected - 35.9 and 35.8 million, respectively. This was mostly because some of the biggest organizations suffering data breaches last year had their headquarters in these states. 

The most common attack type was described simply as “hacking”, with 125 organizations breached this way. Ransomware was placed second, with 73 recorded incidents. Supply chain attacks (breaches via third parties) rose greatly in 2023, mostly because of the incidents surrounding MOVEit and GoAnywhere managed file transfer software.

“Utility and manufacturing companies are targeted by both cybercriminals looking for low-hanging fruit as well as sophisticated state-sponsored attackers,” the researchers explained. “A successful attack against these companies can cause widespread outages and supply chain issues, not to mention putting customer privacy at risk. And that’s why this industry remains a key target for hackers in 2024.”

For this year, the situation isn’t looking any better. During the first two months, there were six reported incidents in the manufacturing and utility verticals, resulting in the theft of almost 50,000 records. There were two hacks and four ransomware attacks, the researchers said. Of the four ransomware attacks, only two were confirmed - one against Veolia North America, and another against Muscatine Power and Water. 

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.