Data loss affected four out of five organizations as careless users do damage

“Careless users” are the number one cause of data leaks, a new report suggests.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Four out of five organizations around the world (85%) suffered at least one data loss incident last year, a report from cybersecurity researchers Proofpoint claims - adding that most of the time, it’s not the computers’ fault - it’s ours.

The company’s research explored how current approaches todata loss prevention(DLP) are holding up against macro challenges.

According to the report, data loss is usually the result of poor interactions between humans and machines. “Careless users” are much more likely to cause data incidents, than compromised or otherwise misconfigured systems.

The human factor is again to blame

Proofpoint further claims that many organizations are happy to invest in DLP solutions, but these investments are “often inadequate”. Of all the organizations that suffered a data loss incident, almost nine in ten (86%) faced negative outcomes, such as business disruptions, or revenue losses (reported by more than half - 57% - of affected firms).

“Careless, compromised, and malicious users are and will continue to be responsible for the vast majority of incidents, all while GenAI tools are absorbing common tasks—and gaining access to confidential data in the process,” commented Ryan Kalember, chief strategy officer, Proofpoint. “Organizations need to rethink their DLP strategies to address the underlying cause of data-loss—people’s actions—so they can detect, investigate, and respond to threats across all channels their employees are using including cloud, endpoint, email, and web.”

Misconfigured databases - incidents in which employees, for example, forget to set up a password for a major database, are one of the most common causes of data leaks.

Over the years, we’ve witnessed millions of people lose their sensitive information that way, including an unprotected database holding sensitive information on the entire population of Brazil. Another example is a recent BMW security error that resulted in the leak of sensitive information belonging to its customers.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

Google puts Nvidia on high alert as it showcases Trillium, its rival AI chip, while promising to bring H200 Tensor Core GPUs within days

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time