According to a report released by the White House, U.S. federal agencies experienced an 8% decrease in the number of cybersecurity incidents that affected them, including those that targeted them, last year.

According to the report, government agencies were affected by 28,581 security incidents in fiscal year 2019, down from 31,107 cyber incidents reported by federal agencies in the previous fiscal year.

According to this report, released by the White House Office of Management and Budget, inappropriate use of government services was the most common type of cyber incident in 2019, with 12,507 incidents compared to 9,674 the previous year.

According to the report, "The prevalence of this incident vector indicates that government agencies have processes and capabilities to detect that security policies are being violated, but lack automated enforcement and prevention mechanisms."

Other common breaches include email and phishing attacks (4,388), web attacks (1,982), and lost or stolen government equipment (1,885).

The U.S. federal government counts fiscal years as beginning on October 1 and ending on September 30, so fiscal year 2019 ended on September 30, 2019.

Perhaps most concerning, however, is that 25% (7,240) of the recorded incidents were unknown vectors, suggesting that government officials should take additional steps to help agencies identify the source of these incidents.

There were three incidents that the government needed to disclose because they constituted user data.

On January 31, 2019, the Federal Emergency Management Agency (FEMA) shared the personal information of 895,000 disaster victims with a third-party volunteer organization.

On December 3, 2018, FEMA's National Emergency Management Information System Information Assurance System shared information on disaster victims, including 2.5 million hurricane victims, with temporary lodging contractors.

The third incident occurred on June 3, 2019, when a contractor responsible for manufacturing license plate readers used by U.S. Customs and Border Protection was affected by a ransomware attack that allowed attackers to obtain license plates and driver photos.