New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

This research from The Hacker News reveals that 64% of third-party applications on 4,700 leading websites access sensitive data without business justification, highlighting a critical governance gap. The study found that government and education sectors are most affected, with malicious activity in the government sector spiking from 2% to 12.9% and 1 in 7 education sites showing active compromise. Specific offenders include Google Tag Manager, Shopify, and Facebook Pixel. The research also points out that while 81% of security leaders consider web attacks a top priority, only 39% have deployed solutions to address this issue.