Verizon Business’s 2025 Data Breach Investigations Report (DBIR) highlights a significant increase in global cyber incidents, with Europe, the Middle East, and Africa (EMEA) witnessing a sharp rise in system intrusions. System intrusion breaches in the region nearly doubled over the past year, reaching 53% of all recorded incidents.
The report analyzed over 22,000 global security incidents, including 12,195 confirmed breaches. It identified growing involvement of third parties in breaches, now accounting for 30% of cases—double the previous figure. Exploitation of vulnerabilities also saw a 34% rise, particularly through zero-day attacks.
Internal Threats in EMEA Outpace Global Regions
The EMEA region showed the highest rate of internal breach origins, accounting for 29% of breaches. This compares to just 1% in Asia-Pacific (APAC) and 5% in North America. Despite this, insider-driven incidents in EMEA actually declined by 41%, as external threats increased at a faster pace.
In EMEA:
- 19% of internal breaches were unintentional.
- 8% involved malicious misuse.
- Social engineering was the second most common attack method, with phishing involved in 19% of breaches.
Global Trends Show Rise in Ransomware and Zero-Day Exploits
Across all regions, vulnerability exploitation rose 34%. Zero-day vulnerabilities remain a key threat vector. Ransomware attacks also grew by 37%, with ransomware now appearing in 44% of global breach cases.
Commenting on the regional findings, Sanjiv Gossain, Group Vice President and Head of EMEA at Verizon Business, said:
“The alarming rate of employee-driven breaches in EMEA underscores a critical need for businesses to strengthen their internal cybersecurity. Organisations must go beyond guarding against external threats and foster a culture of security awareness and accountability within.”
