RSA Report: Identity-Related Breaches Surge, Costs Skyrocket in 2026
A new global report from RSA reveals a sharp rise in identity-related breaches, with 69% of organizations experiencing such incidents in the last three years a 27-percentage-point increase year-over-year. The 2026 RSA ID IQ Report, based on insights from over 2,100 cybersecurity, IAM, and IT professionals, highlights escalating risks, financial impacts, and emerging attack vectors in identity security.
Key findings include:
- Breach frequency and costs: Identity-related breaches have surged by 64% relative to the previous year, with 45% of organizations reporting costs exceeding IBM’s typical breach benchmark. Notably, 24% faced losses exceeding $10 million, a three-point increase from 2025.
- Top threats: IT help desk bypass and social engineering attacks have become a major concern, with 65% of organizations worried about a repeat of high-profile breaches like those at MGM Resorts, Caesars Entertainment, and Marks & Spencer. Over half (51%) now view service desk attacks as their most significant risk.
- Passwordless adoption: Brazil leads globally in passwordless authentication, with 50% of respondents using it at least half the time nine points above the global average.
- AI in cybersecurity: While 83% of professionals believe AI will benefit cybersecurity more than cybercrime in the next three years, 91% of organizations plan to integrate AI into their tech stacks this year. Brazil stands out for its high AI adoption but also expresses the greatest skepticism about its security benefits.
RSA CEO Greg Nelson emphasized the urgency of addressing identity vulnerabilities, stating that the "likelihood of a breach and the cost of inaction are too high for leaders to tolerate the status quo." The report underscores the need for organizations to reassess their identity security strategies amid evolving threats.
Marks and Spencer cybersecurity rating report: https://www.rankiteo.com/company/marks-and-spencer
"id": "MAR1768480120",
"linkid": "marks-and-spencer",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': ['Cybersecurity',
'IT',
'Identity and Access Management'],
'location': 'Global (with specific insights on Brazil)',
'name': 'Global Organizations (Including Brazilian '
'Organizations)',
'type': 'Organizations'}],
'attack_vector': ['Social Engineering', 'IT Help Desk Bypass'],
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (Personally Identifiable '
'Information, Access Credentials)',
'type_of_data_compromised': 'Identity-Related Data'},
'date_publicly_disclosed': '2026',
'description': 'The 2026 RSA ID IQ Report reveals critical insights from over '
'2,100 cybersecurity, IAM, and IT professionals on '
'identity-related breaches, their frequency, financial '
'impacts, and emerging threats like IT help desk bypass and '
'social engineering attacks. The report highlights a 64% '
'relative increase in identity-related breaches '
'year-over-year, with 69% of organizations experiencing such '
'breaches in the last three years. Costs of breaches have also '
'escalated, with 24% of organizations reporting costs '
'exceeding $10M.',
'impact': {'financial_loss': '> $10M (for 24% of organizations)'},
'investigation_status': 'Report Findings (No Specific Incident Investigation)',
'lessons_learned': 'Identity-related breaches are increasing in frequency and '
'cost, with IT help desk bypass and social engineering '
'emerging as significant threats. Organizations must '
'prioritize securing their identity estate and consider '
'adopting passwordless authentication and AI-driven '
'cybersecurity measures.',
'post_incident_analysis': {'corrective_actions': ['Strengthen IAM '
'capabilities',
'Adopt passwordless '
'authentication',
'Implement AI-driven '
'cybersecurity solutions',
'Enhance IT help desk '
'security protocols'],
'root_causes': ['Identity and Access Management '
'(IAM) Failures',
'Social Engineering Attacks',
'IT Help Desk Bypass']},
'recommendations': ['Assess and strengthen identity and access management '
'(IAM) capabilities.',
'Prioritize passwordless authentication adoption.',
'Implement AI-driven cybersecurity solutions to enhance '
'threat detection and response.',
'Enhance IT help desk security protocols to prevent '
'social engineering attacks.',
'Monitor and address identity-related risks proactively.'],
'references': [{'source': 'RSA 2026 ID IQ Report',
'url': 'https://www.rsa.com/content/dam/en/resource/report/2026-rsa-id-iq-report.pdf'},
{'source': 'RSA 2026 ID IQ Report Infographic',
'url': 'https://www.rsa.com/content/dam/en/resource/infographic/2026-rsa-id-iq-report-infographic.pdf'},
{'source': 'Brazilian ID IQ Report Webinar',
'url': 'https://www.rsa.com/webinar/brazilian-id-iq-report'}],
'stakeholder_advisories': 'Leaders should act quickly to secure their '
'identity estate and prioritize actions to mitigate '
'identity-related risks.',
'title': 'RSA 2026 Identity-Related Breach Report Findings',
'type': 'Data Breach',
'vulnerability_exploited': 'Identity and Access Management (IAM) Failures'}