Continued rampant password reuse puts companies and customers at risk
SpyCloud, known for its unique anti-fraud platform powering account takeover prevention and fraud investigations solutions, today revealed its 2021 report on password vulnerability at Fortune 1000 companies. Researchers from SpyCloud found that 25.9 million business account credentials and over 543 million breach assets tied to employees in the Fortune 1000 are readily available on the criminal underground.
“Year after year, studies show that the use of weak and stolen credentials is the most common hacking tactic for cybercriminals, yet 76 percent of employees at the world’s largest companies are still reusing passwords across personal and professional accounts,” said Chip Witt, vice president of product management for SpyCloud. “People don’t seem to realize just how often their credentials end up in criminal hands or how stolen passwords can be used to access other accounts they think are safe.”
Regardless of security guidelines that warn against such behavior, many employees, even at the executive level, are using corporate credentials as personal logins for other accounts. When those third-party sites are subject to data breaches, reused employee logins provide criminals with easy access to corporate systems and networks.
Analysis within SpyCloud’s 2021 Report: Breach Exposure of the Fortune 1000 is broken down by data type and sector (as defined by Fortune) to reveal the scope of breach exposure facing the largest U.S. companies across different industries.
- The credentials of 133,927 C-level Fortune 1000 executives are available for sale on the dark web.
- At 552,601 per company, employees in the telecommunications sector have by far the highest average number of exposed credentials.
- 13,897 technology sector employees’ corporate or personal systems appear to be infected with credential-stealing malware.
- In addition to corporate credentials, breaches regularly expose a wealth of personally identifiable information (PII) that enables bad actors to bypass security measures, take over accounts, and compromise enterprise networks. Over 281M PII assets of Fortune 1000 employees are available to cybercriminals.
- Despite constant warnings about the high risk of using weak passwords, “123456” and “password” are still the most commonly used among employees.
- At 85 percent, the media industry has the highest rate of password reuse. Media professionals also show an affinity for using certain passwords that would be inappropriate to publish here.
Researchers for the report analyzed data from the world’s largest repository of recovered stolen credentials and PII. SpyCloud continually monitors the criminal underground for breach data that has become available to cybercriminals, using human intelligence to gain access to stolen data as soon as possible after a breach occurs, and well before that data appears on the dark web.
“Especially with millions of people still working from home, enterprises must be able to trust the identities of the employees, consumers, and suppliers accessing their networks,” continued Witt. “The best way to prevent accounts from being taken over is to identify compromised credentials quickly after a breach and mitigate before criminals have time to use them. That requires a comprehensive, continuously updated database of breach data that security leaders can use to keep corporate accounts safe.”