According Apricorn, Nearly 20% of US IT Security Practitioners Cite Attacks on Backups as Primary Cause of Data Breach

Apricorn, manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, announced the results of its latest annual survey of US IT security decision makers, revealing serious gaps in organizational backup strategies despite 18% of organizations highlighting attacks on backups as the primary cause of data breaches.

“This data should serve as a clear warning,” said Kurt Markley, MD, Apricorn, USA. “Many organizations are investing in backup strategies, so cybercriminals are now targeting those backup systems, as well. If a backup is the actual attack vector, you’re looking at the worst case possible. Not only have you lost all of your data, you’ve also lost all means of any meaningful recovery. Building resilience into backup environments is no longer optional; an encrypted offline duplicate has to be a fundamental part of your strategy.” 

Further, 21% of respondents who have had to recover from a backup were unable to make a full recovery, either retrieving only some of their data and documents or completely failing due to inadequate backup practices. While the proportion of organizations who were able to recover all of their data after a breach is encouraging at 73% – up from 63% in 2024 – the fact that so many have to turn to backups at all underlines the extreme importance to regularly maintain recovery systems and the urgent need for robust backup policies.

Of additional concern, the research shows diminishing signs of progress, particularly in automation and adherence to best practice. 38% now use automated backup to both a central repository and a personal repository, compared with 41% in 2024. This reflects a continuing need for awareness of the benefits of the 3-2-1 rule: keeping at least 3 copies of data on at least 2 different types of media with 1 copy encrypted and stored offsite. In total, 70% have some form of automated backup in place, whether to a central or personal repository alone or as part of a combined approach.

“Automation takes the uncertainty out of the process,” Markley added. “When backups happen consistently without relying on human action, it eliminates one of the biggest points of failure. Regular, automated backups, that are tested for quality and completeness, ensure organizations can rely on them when their defense fails.“

Furthermore, 69% of surveyed IT security decision makers say that their organization expects their mobile/remote workers to expose them to the risk of a data breach. In fact, 66% of respondents cited that their mobile/remote workers have knowingly put corporate data at risk of a breach in the past year. These 2 statistics further highlight the need for clean, complete, and automated backups.

Methodology
The research was conducted by Censuswide among 200 IT security decision makers across the UK between May 23, 2025 – May 29, 2025. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct and ESOMAR principles. Censuswide is also a member of the British Polling Council.