Lost Devices Now Cause More Data Breaches Than Ransomware

While ransomware continues to make headlines as a major cybersecurity threat, a new report reveals that a more old-school problem is quietly causing even more damage: lost and stolen devices. According to the 2025 State of Data Sanitization Report by Blancco, incidents involving misplaced laptops, smartphones, and hard drives are responsible for more security breaches than ransomware attacks.
The report, based on responses from over 2,000 IT leaders across North America, Europe, and the Asia-Pacific region, examined how some of the world’s largest organizations manage end-of-life data in the face of tightening regulations and growing environmental responsibilities. The findings paint a concerning picture about gaps in physical device security and data disposal processes within enterprise IT operations.
A Persistent Threat Hiding in Plain Sight
Blancco’s data reveals that more than 80% of organizations experienced a data security incident in the past three years. While phishing attacks (54%) and misconfigured network settings (46%) remain common culprits, 41% of respondents reported incidents caused by lost or stolen devices — outpacing both compromised passwords (36%) and ransomware attacks (32%).
One of the standout observations from the report is how physical access risks are often overlooked in broader cybersecurity strategies. When devices fall out of an organization’s control — whether through theft, loss, or improper disposal — the potential for data exposure spikes dramatically. The problem is compounded by lax data disposal policies or an overreliance on insufficient, manual data wiping methods.
“Inadequate data erasure remains a hidden risk, and it still doesn’t get the attention it deserves,” noted Lou DiFruscio, CEO of Blancco. He emphasized that every IT leader should recognize their responsibility, stay informed about best practices, and ensure that sensitive data is securely handled throughout its digital lifecycle — not just during active use.
Leftover Data: A Lingering Liability
Alarmingly, 17% of companies discovered residual data on supposedly wiped devices destined for recycling or disposal. These findings suggest that many organizations continue to rely on incomplete or informal data deletion methods. While free or manual deletion processes may seem convenient, they often fail to fully sanitize data, leaving enterprises vulnerable.
The report advocates for using certified, audit-ready data erasure solutions that not only guarantee data destruction but also automatically generate tamper-proof reports as proof of erasure. Such solutions help companies meet data privacy regulations while also promoting environmental responsibility by making old hardware safe for resale or recycling — reducing the IT department’s environmental footprint in the process.
AI Adoption Drives New Hardware Risks
The rapid adoption of artificial intelligence is creating fresh challenges. As organizations race to implement AI tools, 77% of surveyed companies reported acquiring new hardware for AI projects, hastening the retirement of older devices. This surge underscores the importance of secure and scalable data disposal practices that can keep pace with accelerated IT asset turnover.
Neglecting secure data sanitization during hardware refresh cycles increases the risk of data breaches, especially when old devices contain residual sensitive data but are inadequately processed before being discarded or repurposed.
Recommendations for Strengthening Data Protection
In response to these findings, Blancco outlines three key recommendations for organizations seeking to minimize data loss risks:
- Implement standardized, auditable data classification and disposal protocols to ensure consistent handling of sensitive data across all departments.
- Adopt certified, verifiable data erasure solutions capable of rendering data irretrievable while providing transparent, auditable proof of destruction.
- Ensure comprehensive asset tracking, encryption, and remote management capabilities for the entire IT hardware fleet, minimizing the risks associated with lost or stolen devices.
Why This Shouldn’t Be Ignored
While ransomware grabs the headlines, it’s clear that the physical loss of devices is an underreported yet increasingly significant threat vector. The combination of growing device inventories, frequent hardware upgrades fueled by AI projects, and insufficient data sanitization practices makes this an issue organizations can no longer afford to overlook.
A Quick Industry Note
Interestingly, a recent study by Cybersecurity Ventures estimated that by 2027, global data loss incidents caused by lost or stolen hardware could cost businesses over $8.5 billion annually — a figure projected to surpass losses from ransomware within the same timeframe. This further reinforces Blancco’s message: physical device security and reliable data sanitization should be a core part of any modern cybersecurity strategy.
Secure your data — not just from hackers, but from your own forgotten, discarded, and misplaced devices.