In its study of third-party app risk, BitSight researchers found that vulnerable apps are common across all industries, with the vulnerabilities including data leakage, privilege abuse, unencrypted personally identifiable information, and credential theft. The differences are in the proportion of vulnerabilities that make up the total picture of each industry.