Unpatched software is now the top way into banks

Verizon’s 2026 Data Breach Investigations Report marks a historic shift: unpatched software overtook stolen credentials as the leading entry point for attackers, driven partly by AI’s ability to exploit known vulnerabilities faster. In financial services, 22% of breaches now stem from unpatched flaws, up from credential abuse at 15%, while third-party vendor involvement surged 60% industry-wide to 48%, with financial services hit in 34% of cases. The report analyzed 3,809 security incidents in finance and insurance, confirming 1,300 data breaches—98% motivated by financial gain and 88% executed by outsiders. System intrusion, often ransomware-driven, remains the top breach pattern since 2022, accounting for 81% alongside social engineering and miscellaneous methods. Vendors are increasingly targeted as gateways. Last year’s ransomware attack on Marquis Software Solutions, a vendor to financial institutions, exposed Social Security numbers, birthdates, and account data. The report found internal business data compromised in 53% of financial breaches, followed by personal data (43%) and credentials (26%). Phishing remains the dominant human-targeting tactic, though attackers now favor voice or text traps, which saw a 40% higher click rate than emails in Verizon’s tests. Insider incidents dropped to 12% but are mostly accidental, per the report. AI’s role in automating exploit discovery is cited as a key factor behind the rise in vulnerability-based attacks.