\n<\/p>\n
It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) \u2014 it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: **third-party exposure** and **machine credential abuse**.<\/p>\n
According to the 2025 DBIR, third-party involvement in breaches **doubled** year-over-year, jumping from **15% to 30%**. In parallel, attackers increasingly exploited machine credentials and ungoverned machine accounts to gain access, escalate privileges, and exfiltrate sensitive data.<\/p>\n
The message is clear: it’s no longer enough to protect your employee users alone. To truly defend against modern threats, organizations must govern **all identities** \u2014 human, non-employee, and machine \u2014 within a unified security strategy.<\/p>\n
## **Third-Party Risk: Expanding Faster Than Organizations Can Control**<\/p>\n
Today’s enterprise is a patchwork of partnerships: contractors, vendors, business partners, managed service providers, affiliates, and more. While these relationships drive efficiency, they also create sprawling identity ecosystems. Without strong governance third-party identities become blind spots ripe for exploitation.<\/p>\n
Breaches tied to third-party access often stem from **poor lifecycle management** \u2014 for example, a contractor account left active after a project ends, or a business partner login with excessive privileges. The 2025 DBIR notes that this trend is accelerating, and it isn’t confined to any one industry: healthcare, finance, manufacturing, and the public sector all reported major incidents stemming from third-party exposure.<\/p>\n
Organizations must extend identity governance to non-employees with the same rigor applied to internal staff, ensuring visibility, accountability, and timely deactivation across the full range of third-party users.<\/p>\n
## **Machine Identities: The Hidden Gatekeepers to Critical Systems**<\/p>\n
While human identities remain vulnerable, machine identities are an even faster-growing risk. Service accounts, bots, RPAs, AI agents, APIs \u2014 the digital workforce \u2014 are exploding in number, often without clear ownership or oversight. As AI agents multiply, they will push machine identity growth\u2014and complexity\u2014even beyond what organizations are managing today.<\/p>\n
This year’s 2025 DBIR found that credential-based attacks remain a top initial access method, and attackers are increasingly targeting ungoverned machine accounts for entry. Unprotected machine accounts were tied to major breaches and escalating ransomware attacks.<\/p>\n
The stakes are growing; yet most traditional identity security tools still treat machines like second-class citizens. That’s why it’s essential to move beyond ad hoc machine management to a model built for scale and automation. For a deeper dive into the problem, **check out the** **whitepaper”Who’s Watching the Machines?”.**<\/p>\n
## **A Unified Approach is No Longer Optional**<\/p>\n
Fragmented identity governance isn’t a weakness anymore. It’s a liability. Managing employees in one silo, third-party users in another, and machines \u2014 if at all \u2014 in a third leaves cracks wide enough for attackers to walk through. They don’t need to breach everything. They just need one opening.<\/p>\n
Breaches tied to third-party users and machine accounts are accelerating faster than those tied to internal employees \u2014 a clear warning sign that inconsistent governance is fueling new vulnerabilities. The reality is: **identity is identity**. Human, non-employee, or machine, every identity must be properly managed, governed, and secured under a unified strategy.<\/p>\n
The organizations that survive tomorrow’s threats aren’t the ones who try to harmonize solutions \u2014 they’re the ones who recognize that governing every identity together is the only way forward. Consolidating identity security across employees, contractors, partners, service accounts, bots, and AI agents closes critical gaps, boosts visibility, and hardens defenses when it matters most.<\/p>\n
SailPoint helps organizations secure the full spectrum of identities with solutions designed for today’s complex enterprise environments \u2014 at enterprise scale. Whether you’re managing machine identities or securing non-employee access, SailPoint delivers a unified identity security experience\u2014powered by the SailPoint Atlas platform\u2014that turns identity chaos into clarity.<\/p>\n
<\/p>\n
To dig deeper into why machine identities, require a new approach \u2014 and why traditional human-centric models are no longer enough \u2014 **explore ourthree-part article series **covering what a machine identity is (and why the definition matters), how machine identities evolved alongside human identities, and why traditional governance methods are failing in a machine-driven world.<\/p>\n
The gap between human and machine identity security is widening. It’s time to close it \u2014 before attackers do it for you.<\/p>\n
**Source:**<\/p>\n
**Verizon 2025 Data Breach Investigations Report (DBIR)**<\/p>\n
Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter _\uf099_ and LinkedIn to read more exclusive content we post.\n<\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches Update ID THN:DB8BB9796251BC49BCF352149124C5F4 Type thn Published 2025-05-06T11:25:00…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,13,33,7,11,43,5],"class_list":["post-3222","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=3222\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches Update ID THN:DB8BB9796251BC49BCF352149124C5F4 Type thn Published 2025-05-06T11:25:00...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=3222\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-06T08:34:25+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches\",\"datePublished\":\"2025-05-06T08:34:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222\"},\"wordCount\":819,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"news\",\"NONE\",\"Security\",\"tapic\",\"thn\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=3222#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222\",\"name\":\"Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-06T08:34:25+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=3222\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3222#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=3222","og_locale":"en_US","og_type":"article","og_title":"Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches - zero redgem","og_description":"Security Update News Update Information Title Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches Update ID THN:DB8BB9796251BC49BCF352149124C5F4 Type thn Published 2025-05-06T11:25:00...","og_url":"https:\/\/zero.redgem.net\/?p=3222","og_site_name":"zero redgem","article_published_time":"2025-05-06T08:34:25+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=3222#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=3222"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches","datePublished":"2025-05-06T08:34:25+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=3222"},"wordCount":819,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","news","NONE","Security","tapic","thn","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=3222#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=3222","url":"https:\/\/zero.redgem.net\/?p=3222","name":"Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-06T08:34:25+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=3222#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=3222"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=3222#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/3222","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3222"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/3222\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3222"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3222"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3222"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}