2022 Annual Identity Exposure Report

Last year, SpyCloud recaptured more than 15 billion credentials and PII assets from the criminal underground. That’s a 200% increase in assets recaptured compared to the prior year – ample data that fraudsters are exploiting for identity fraud, which impacts businesses and consumers alike.
Our annual report analyzes this data and sheds light on the trends we observed throughout the year, explaining how enterprises can use this information to protect themselves from account takeover, malware, and ransomware, and protect their consumers from online fraud.
Download the report to see:
- The trends our researchers observed within cybercriminal communities over the last year
- Why the rate of password reuse continues to rise
- Popular passwords influenced by entertainment, politics, and sports (Marvel characters make frequent appearances!)
- How this stolen data is used to perpetrate ransomware and other targeted attacks
- The urgency of the malware problem, including a spotlight on RedLine Stealer, and why we’ve put even more focus on collecting bot logs from malware-infected devices
- The top 12 notable breaches of 2021
Solution:
SpyCloud Compass
Protect your business from malware risks by acting on compromised assets most likely to lead to future ransomware attacks
Related Resources

I Put a Keylogger On You, and Now You’re Mine: What Cybercriminals See When They Infect a Host with Malware
See malware from the criminal perspective, including how the data collected from infected machines gets monetized. Learn how to shield your organization from the damage caused by credential-stealing malware.

Combating Fraud from Stolen Cookies: Introducing SpyCloud Session Identity Protection
On-Demand Webinar: A detailed look at how anti-detect browsers + malware-stolen data put consumers at risk of fraud, and how Session Identity Protection helps protect your bottom line by offering early warning of malware-infected consumers with compromised web session cookies.

Infected User Response Guide
Handy guide to decipher what it means when employee or consumer information appears on a botnet log, and how to contact infected users with an action plan.
With SpyCloud, you get enterprise-level, automated account takeover and ransomware prevention powered by Cybercrime Analytics based on actionable darknet insights.
SpyCloud offers the largest collection of recaptured darknet data in the world, combined with the earliest possible recovery. Our proprietary engine quickly ingests data from breaches, malware-infected devices, and other underground sources, then cleanses and enriches the data – adding context to the records so you understand the severity of the exposures (the source, breach description, and the actual password in plaintext). Our customers get notifications of compromised accounts and passwords far sooner with SpyCloud than any other provider.
Assets
Total
Passwords
Email
Addresses
Data Types
Check Your Exposure
See your real-time account takeover exposure details powered by SpyCloud data.