76% of data breaches utilized weak or stolen credentials like default usernames and passwords. Social engineering targeting ex-employees and managers accounted for 27% of breaches. 29% of all breaches involved some kind of social element like phishing or pretexting where attackers trick victims into providing access to systems or sensitive information.