2022 Report: Identity Exposure of London's FTSE 100
(And Their Subsidiaries)
As data breaches and malware infections continue to leak employees’ credentials and PII at a massive scale, their password reuse remains critically high, creating significant security risks for organisations and the consumers who rely on them to keep their data safe.
A single set of employee credentials that have been exposed in a third-party breach can leave the door wide open for bad actors to gain entry into a corporate network – but we found that London’s FTSE 100 and their subsidiaries have 2.7 million pairs of exposed plaintext credentials in the criminal underground.
To provide a snapshot of employee identity exposures affecting major enterprises, SpyCloud analyzed the data we’ve recaptured from breaches, malware-infected devices, and other underground sources tied to FTSE 100 and subsidiary employees. We examined over 51 million assets, all of which are available on the criminal underground and can be used for malicious purposes.
The types of stolen FTSE 100 employee data criminals have access to, and the danger it presents to these organisations
The most popular exposed passwords of FTSE 100 employees
Which industries lead in exposed data and severity
The impact of malware-infected employees and consumers
Our annual reports analyzes the 15.5 billion assets we recaptured from the criminal underground last year, and how enterprises can use this information to protect themselves from ATO, malware, and ransomware, and protect their consumers from online fraud.
On-Demand Webinar: A detailed look at how anti-detect browsers + malware-stolen data put consumers at risk of fraud, and how Session Identity Protection helps protect your bottom line by offering early warning of malware-infected consumers with compromised web session cookies.
SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.