// #verizon-dbir
2 articles
DBIR 2026 Identity Chapter: Credential Theft Remains Dominant, MFA Bypass Techniques Accelerating
The identity and credential findings from Verizon's 2026 DBIR show that stolen credentials remain the most common enabler of breaches across all sectors, used in 44% of analysed incidents. More troubling: the DBIR documents a significant increase in MFA bypass techniques — adversary-in-the-middle phishing toolkits, SIM swapping, and push notification fatigue attacks that defeat MFA as commonly deployed.
Verizon DBIR 2026: Vulnerability Exploitation Surpasses Phishing as Top Initial Access Vector — Enterprise Implications
Verizon's 2026 Data Breach Investigations Report, published mid-May, documents a structural shift in breach methodology: vulnerability exploitation has overtaken phishing as the most common initial access pathway in analysed breaches. The shift reflects a maturing attacker ecosystem that increasingly uses automated exploit delivery rather than requiring human interaction. Enterprise security programmes built around phishing awareness need recalibration.