In 2025, third-party involvement in data breaches doubled, rising from 15% to 30%, according to the Verizon Data Breach Investigation Report (DBIR), which analyzed over 12,000 breaches and noted a significant increase in third-party breaches owing to the expansion of digital infrastructure and specific zero-day vulnerabilities. These breaches commonly involve system intrusions through stolen credentials, exploited vulnerabilities, and social engineering attacks like phishing, highlighting the importance of security in vendor selection processes. A notable incident was the Snowflake breach, where the absence of multi-factor authentication (MFA) and unrotated credentials led to a significant data exfiltration. The report emphasizes improving security by enforcing MFA, token expiration, and centralized secrets management to mitigate risks, and encourages organizations to ensure third-party vendors adhere to stringent security measures, as breaches can result in service downtime, fines, and loss of trust.