Identity breach costs and help desk hijacks: what should teams do?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8057
Topic starter  

TL;DR: Identity breaches surged to 69% of organisations in the last three years, while 45% said identity-related breach costs exceeded the typical breach cost and 24% crossed $10M, according to RSA's 2026 RSA ID IQ Report. The data shows identity governance is now a board-level resilience problem, not just an IAM operations issue.

NHIMG editorial — based on content published by RSA Security: Brazil Leads the World in Global Identity Security Survey, RSA ID IQ Report Unveils Top Identity Threats

By the numbers:

Questions worth separating out

Q: How should security teams reduce help desk hijack risk in identity programmes?

A: Treat the service desk as part of the identity boundary.

Q: Why do identity-related breaches become so expensive so quickly?

A: Identity compromise often gives attackers legitimate access rather than a narrow technical foothold.

Q: What do organisations get wrong about passwordless authentication?

A: They often treat passwordless as a finished control instead of a redesign of the full assurance chain.

Practitioner guidance

  • Harden help desk recovery flows: Require stronger identity proofing, dual approval for sensitive resets, and step-up verification before any factor re-enrolment or credential recovery is completed.
  • Classify support overrides as privileged actions: Log, review, and recertify all account recovery and factor-reset activities as privileged workflows, with named approvers and tamper-evident records.
  • Measure identity blast radius: Map which SaaS, cloud, email, and admin systems become reachable after one account is taken over, then use that map to prioritise privilege reduction.

What's in the full analysis

RSA Security's full report covers the operational detail this post intentionally leaves for the source:

  • Full survey methodology behind the 2,100-plus respondent sample and regional breakdowns.
  • Brazil-specific findings on passwordless adoption and how they compare with global trends.
  • The report's detailed breakdown of help desk bypass concerns and the supporting survey percentages.
  • Context on how respondents view AI's role in cybersecurity versus cybercrime.

👉 Read RSA Security's 2026 ID IQ Report on identity breach trends and help desk risk →
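
The first two practitioner guidance points (dual approval and step-up before a sensitive reset, and tamper-evident records with named approvers) can be sketched as follows. This is an added example, not part of the original post or the RSA report; the field names, action names and sample requests are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64
# Hypothetical action names for the recovery workflows the guidance lists.
SENSITIVE = {"factor_reset", "factor_reenrolment", "credential_recovery"}

def _digest(prev_hash, body):
    payload = json.dumps(body, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

def authorize_reset(request):
    """Return (allowed, reason) for a help desk recovery request."""
    if request["action"] not in SENSITIVE:
        return True, "not a sensitive action"
    if not request.get("step_up_verified"):
        return False, "step-up verification missing"
    # Dual approval: two distinct named approvers, neither of them the
    # requesting agent nor the account owner.
    approvers = set(request.get("approvers", []))
    approvers -= {request["agent"], request["account"]}
    if len(approvers) < 2:
        return False, "needs two independent approvers"
    return True, "approved"

def append_record(log, request):
    """Record the decision (allowed or denied) in a hash-chained log."""
    allowed, reason = authorize_reset(request)
    body = {"request": request, "allowed": allowed, "reason": reason}
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"body": body, "prev": prev, "hash": _digest(prev, body)}
    log.append(entry)
    return entry

def verify_log(log):
    """Return the index of the first broken entry, or -1 if intact."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry["hash"] != _digest(prev, entry["body"]):
            return i
        prev = entry["hash"]
    return -1

# Constructed sample requests (not taken from the report).
SAMPLE = [
    {"action": "factor_reset", "account": "alice", "agent": "hd-1",
     "step_up_verified": True, "approvers": ["hd-2", "sec-1"]},
    {"action": "factor_reset", "account": "bob", "agent": "hd-1",
     "step_up_verified": True, "approvers": ["hd-1", "hd-2"]},
    {"action": "credential_recovery", "account": "carol", "agent": "hd-3",
     "step_up_verified": False, "approvers": ["hd-2", "sec-1"]},
]
```

A hash chain only shows tampering to a reviewer who holds a trusted copy of the latest hash, so the head hash should be exported to a system the help desk cannot write to.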
