Employees frequently reuse corporate credentials as personal logins, regardless of security guidelines that prohibit such behavior. When those third-party sites are subject to data breaches, reused employee logins provide easy entry points to corporate systems and networks. In addition to corporate credentials, data breaches expose a wealth of personal information that can enable cybercriminals to bypass security measures, take over accounts, and compromise enterprise networks.
To provide a snapshot of the breach exposure affecting major enterprises, we examined SpyCloud’s entire database to see what breach data we could tie to companies in the Fortune 1000. Across our data set, we were able to identify over 412 million breach assets tied to employees within the Fortune 1000.
Download the report to see:
How many Fortune 1000 employees and C-level executives have passwords available to cybercriminals
Top passwords of Fortune 1000 employees
Infographics showing credential exposure, password reuse rates, and more for all 21 Fortune 1000 sectors
Which sector is the worst offender (by far)
Solution: Account Takeover Prevention
Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.
Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.
SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.