SecurityScorecard 2024 Global Third-Party Cybersecurity Breach Report: Software supply chain is top target for ransomware groups

SecurityScorecard's Global Third-Party Breach Report analyzes 2023 breach data and finds that nearly one-third of breaches involved third-party attack vectors, with Healthcare, Financial Services, and Technology showing notable exposure; three-quarters of enabling vendor relationships were technical, and the MOVEit zero-day (CVE-2023-34362) exploited by the C10p group is highlighted as a major example prompting recommendations to strengthen third-party risk management and supply-chain defenses.