Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

Large supply chain and third-party compromises have nearly quadrupled since 2020.

IBM
May 27, 2026
Supply ChainThird-Party Risk

Large supply chain and third-party compromises have nearly quadrupled since 2020. — This cybersecurity statistic was published by IBM in May 2026. It covers topics including Supply Chain, Third-Party Risk. The original data appears in 2026 X-Force Threat Intelligence Index. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 2/25/2026

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

Large supply chain and third-party compromises have nearly quadrupled since 2020. This data was published by IBM and covers Supply Chain, Third-Party Risk.

Where does this data come from?

This statistic comes from 2026 X-Force Threat Intelligence Index, published by IBM on May 27, 2026. You can view the original report at https://www.ibm.com/reports/threat-intelligence.

What cybersecurity topics does this cover?

This statistic relates to Supply Chain, Third-Party Risk. Browse more statistics on Supply Chain or from IBM.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

16% of security professionals say supply chain and third-party risk is the boardroom cyber priority boards ask about most.

Filigran6/20/2026
Supply ChainBoardroom RiskThird-Party Risk

38% of organizations in MEA report reliance on third-party ecosystems and vendors, increasing supply-chain blind spots.

Veeam6/20/2026
Third-Party RiskSupply ChainMiddle East

41% of cybersecurity professionals identify AI-powered attacks at scale as their biggest security concern, compared with 21% citing supply chain risk and 21% citing unknown threats.

Filigran6/20/2026
AI ThreatsSupply ChainAI-Powered Attacks

70% of security leaders say their organizations apply risk controls only to key suppliers.

CSC6/20/2026
Third-Party RiskSupply Chain

72% of organizations are structurally incapable of auditing embedded AI Software Development Kits (SDKs) hidden inside everyday mobile applications.

Lookout6/15/2026
Supply ChainMobile Security

The Axios NPM package was downloaded 100 million times per week.

CrowdStrike6/15/2026
Open SourceSupply ChainSoftware Distribution

Browse by Topic

Supply ChainThird-Party RiskMore from IBM

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights