In April, Verizon Enterprise Solutions (a division of Verizon Communications) released its annual Data Breach Investigations Report, which analyzes a year’s worth of data security statistics and observations and offers practical tips to improve information security. Verizon reports that “phishing” campaigns continue to plague secured networks, accounting for approximately 20% of recorded data breach events. According to the report, 23% of recipients open phishing e-mail messages, and 11% click on attachments to those messages. Instances of so-called “RAM scraping,” whereby malware intercepts credit card information by accessing the memory of a cash register or credit card terminal during the course of a sales transaction, have also increased. On the other hand, despite known vulnerabilities of mobile devices, mobile malware appears to pose a negligible threat to data security, as only 0.03% of mobile devices were found to be infected with malicious malware. The report also includes industry-by-industry data breach profiles and an analysis of the nine incident classification patterns that appear in 96% of all data attacks. Lastly, a new segment in the report addresses the cost of breaches and provides insight as to how businesses can quantify risk. For example, the estimated loss for a breach affecting 1,000 data records is between $52K and $87K, and the estimated loss for a breach of 10 million records is between $2.1M and $5.2M. The 2015 report concludes with a list of recommended security controls that businesses can implement to reduce their exposure to data breaches, including patching web services, locking out users after multiple failed login attempts, and filtering mail attachments. Access to the full report is available here