Sophos released its State of Identity Security 2026 report, showing that 71% of organizations worldwide suffered at least one identity‑related breach in the past year.
The study surveyed 5,000 IT and cybersecurity leaders across 17 countries, with affected companies reporting an average of three separate incidents. Around 5% faced six or more breaches.
Most of these attacks were linked to human error and weak management of non‑human identities (NHIs), the digital accounts used by apps and automated systems. Sophos warns that the rise of agentic AI is speeding up how attackers exploit these vulnerabilities, making identity protection more critical than ever.
The report also found that two‑thirds (67%) of ransomware victims said their attack started with an identity compromise. Recovery costs were steep, averaging $1.64 million, with a median of $750,000. About 73% of affected organizations spent $250,000 or more to recover.
Sophos Chief Information Security Officer Ross McKerchar said identity has become the main attack surface in cybersecurity today. He added that organizations failing to secure both human and machine identities will face tougher challenges as AI‑driven threats continue to evolve.






