2020 was not a typical year. Between the onset of a global pandemic, the shift to remote life, and the turbulent political landscape, consumers shifted their behavior dramatically — and criminals followed suit, swiftly finding ways to exploit these changes.
Throughout this unusual time, SpyCloud’s researchers have been embedded in criminal networks, using human intelligence (HUMINT) to recover stolen data before it reaches a broader criminal audience or goes public. As a result, the 1.5 billion credentials and 4.6 billion PII assets we’ve recovered provide unique insight into the breaches and botnet logs that have been released to criminal communities over the last year.
Download the report to see:
Trends our researchers have observed within cybercriminal communities over the last 12 months
What 2020 themes appeared in people’s passwords last year (covid-19, sourdough, and more)
How many credentials containing .gov emails were exposed last year, and what passwords were most popular with government employees
The top 10 breaches released over the last 12 months
Solution: Account Takeover Prevention
Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.
Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.
If your account takeover prevention program primarily focuses on automated credential stuffing attacks, you may be leaving your organization exposed to serious losses. Learn more in this webinar we hosted with ISMG.
SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.