Singapore and the Netherlands are the world’s leading hotspots for third-party data breaches, with more than seven-in-ten organizations falling victim last year.
Figures from SecurityScorecard’s 2025 Global Third-Party Breach Report show third-party breaches are on the rise, accounting for a third of all breaches globally. However, the number is probably higher than that due to a combination of under-reporting and misclassification.
More than four-in-ten ransomware attacks now start through third parties, the study found, with the ransomware group Cl0p the most prolific offender.
“Threat actors are prioritizing third-party access for its scalability. Our research shows ransomware groups and state-sponsored attackers increasingly leveraging supply chains as entry points,” said Ryan Sherstobitoff, senior vice president of SecurityScorecard’s Strike Threat Research and Intelligence.
But there’s huge national variation, the company noted. For example, Singapore had the highest third-party breach rate at 71.4%, despite relatively few total breaches.
“With its significant overseas Chinese population and strategic position in China’s economic and naval power projection, it’s a prime target,” points out the firm.
The Netherlands ranked second, at 70.4%, although this figure was skewed by a major breach at a communications firm that hit a number of utilities.
Japan was third, at 60%, followed by Taiwan at 57.1% and Australia at 50%.
Who’s behind the rise in third-party data breaches?
The main culprit is China, according to SecurityScorecard, with Japan subjected to the most Chinese state-sponsored attacks. Taiwan, meanwhile, was also a key focus for Chinese cyber espionage.
At the other end of the scale, the US has a supply chain attack rate of 30.9%, with the Philippines at 31%, India at 35%, and the UK at 37.2%.
Retail and hospitality was the hardest-hit sector, with a third-party breach rate of 52.4%.
The tech industry was also a leading target for threat actors alongside critical infrastructure sectors such as energy and utilities and the healthcare industry.
Varied attack vectors raising the stakes
In terms of attack vectors, the risks faced by organisations globally are expanding, according to SecurityScorecard. File transfer software topped the list, accounting for 14% of attacks, followed closely by cloud products and services at 8.3%.
“To stay ahead of these threats, security leaders must move from periodic vendor reviews to real-time monitoring to contain these risks before they escalate throughout their supply chain.” said Sherstobitof.
Organizations should tailor their security strategies to their particular industry, geography, technology and organizational structure, advised the researchers.
They should mitigate fourth-party risk by requiring vendors to maintain strong third-party risk management programs themselves; and Secure by Design technology should be a must.
Protection of file transfer software, cloud infrastructure, industry-specific services and VPNs should be a priority, with speedy patching, multi-factor authentication (MFA) and continuous security assessments.
