Experian’s 12th annual Data Breach Industry Forecast presents five predictions for 2025, indicating that global data breaches are set to continue at a rapid pace.
Michael Bruemmer, vice president of global data breach resolution at Experian, emphasizes that while supply chain breaches and ransomware dominated the cyber landscape in 2024, AI-related incidents are expected to take center stage in 2025. He notes that investments in cybersecurity will increase to address this emerging threat, as hackers exploit AI for various malicious activities, including phishing attacks, password cracking, malware creation, and deepfakes.
Jim Steven, head of crisis and data response services at Experian, adds that data breaches are likely to maintain their current trajectory globally, with ransomware becoming even more sophisticated due to the incorporation of AI. He warns of potential escalations in risks taken by threat actors to achieve greater rewards, as well as an increase in the misuse of consumer data to damage reputations in 2025.
Experian outlines five crucial predictions for businesses and consumers to remain aware of in 2025:
-
Increase in Teenage Cybercrime Prosecutions: The FBI reports that the average age of individuals arrested for cybercrime is 19, compared to 37 for other crimes. An anticipated rise in recruitment of teens by sophisticated fraudsters through online gaming and social media platforms is expected.
-
Potential Insider Fraud in Global Brands: As companies train employees on the responsible use of AI, there’s a risk that this training might be exploited by those very employees for internal theft and sensitive information sourcing.
-
Threats to National Cloud Infrastructure: Cyberattackers could target a nation’s cloud infrastructure by attacking the power supply that supports it. The rise of generative AI has created new attack vectors, especially for those with prior knowledge of data center technology and security.
-
Increase in Hacker-on-Hacker Attacks: There could be a rise in attacks among hackers, driven by political or monetary motivations. Instances of hackers falling victim to more skilled attackers illustrate the blurred lines between predator and prey in the digital arena.
- Emergence of Dynamic Identification: The traditional use of driver’s licenses and social security cards may evolve into dynamic identification that changes continuously, as standard encryption methods become outdated. With AI-driven fraud becoming increasingly sophisticated, fraudsters could create nearly undetectable proof-of-life documents that can deceive even the most discerning identification systems.