Accommodation and Food Services (NAICS 72)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

First Name: Last Name: E-mail: Organization: Organization type Country:

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

I confirm I have read and understood

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

Frequency		220 incidents, 106 with confirmed data disclosure
Top patterns		System Intrusion, Social Engineering and Basic Web Application Attacks represent 92% of breaches
Threat actors		External (92%), Internal (9%), Multiple (1%) (breaches)
Actor motives		Financial (100%) (breaches)
Data compromised		Credentials (50%), Personal (28%), Payment (19%), System (19%), Other (16%) (breaches)
What is the same?		Ransomware and social attacks continue to be a persistent problem within this industry, accounting for 35% of incidents.

Resumen

Social Engineering has increased dramatically and now accounts for 25% of incidents in this sector, with Pretexting more than doubling from the previous year and reporting 20% of incidents.

Spilling the bytes

There is always something cozy and comforting about the local coffee shop you call your second home, and attackers couldn’t agree more. The Accommodation and Food Services industry continues to face the same core threats as before with System Intrusion, Social Engineering and Basic Web Application Attacks leading the pack. As is visible in Figure 58, there’s been a notable increase in social engineering attacks from last year. This is largely a result of the increase in Pretexting, which has more than doubled over the last year and now accounts for 20% of the incidents.

As if accidentally handing over your hard-earned money to criminals wasn’t annoying enough, organizations in this sector also have to contend with the rudest guests possible—ransomware actors. Ransomware continues to be one of the top action varieties and has been for the last three years. However, the only good news is that it hasn’t increased this year and holds steady at 16% of all incidents.

In other news, Payment card data being compromised has dropped to an all-time low, from 41% of breaches in 2023 to now only 19%. This decrease aligns well with the overall decrease of Payment card data being targeted that we’ve seen across various industries, which may be indicating that shifts in chip technology might be causing threat actors to focus their efforts on other approaches. A nice bit of good news to enjoy with your cappuccino.