2020 Report: Breach Exposure of the Fortune 1000

Employees frequently reuse corporate credentials as personal logins, regardless of security guidelines that prohibit such behavior. When those third-party sites are subject to data breaches, reused employee logins provide easy entry points to corporate systems and networks. In addition to corporate credentials, data breaches expose a wealth of personal information that can enable cybercriminals to bypass security measures, take over accounts, and compromise enterprise networks.
To provide a snapshot of the breach exposure affecting major enterprises, we examined SpyCloud’s entire database to see what breach data we could tie to companies in the Fortune 1000. Across our data set, we were able to identify over 412 million breach assets tied to employees within the Fortune 1000.
Download the report to see:
- How many Fortune 1000 employees and C-level executives have passwords available to cybercriminals
- Top passwords of Fortune 1000 employees</li>
- Infographics showing credential exposure, password reuse rates, and more for all 21 Fortune 1000 sectors
- Which sector is the worst offender (by far)
Download the PDF version of the report to print or share with others.
Solution:
Account Takeover Prevention
Related Resources

Hard Truths About ATO & Strategies To Defend Your Enterprise
Protecting your enterprise from breaches and account takeovers has never been a bigger challenge.

Top 10 Travel Booking Site
Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.

Targeted Attacks: How Sophisticated Criminals Bypass Enterprise Security Measures
If your account takeover prevention program primarily focuses on automated credential stuffing attacks, you may be leaving your organization exposed to serious losses. Learn more in this webinar we hosted with ISMG.
With SpyCloud, you get enterprise-level, automated account takeover and ransomware prevention powered by Cybercrime Analytics based on actionable darknet insights.
SpyCloud offers the largest collection of recaptured darknet data in the world, combined with the earliest possible recovery. Our proprietary engine quickly ingests data from breaches, malware-infected devices, and other underground sources, then cleanses and enriches the data – adding context to the records so you understand the severity of the exposures (the source, breach description, and the actual password in plaintext). Our customers get notifications of compromised accounts and passwords far sooner with SpyCloud than any other provider.
Assets
Total
Passwords
Email
Addresses
Data Types
Check Your Exposure
See your real-time account takeover exposure details powered by SpyCloud data.