REPORT
2022 Report: Identity Exposure of London's FTSE 100
(And Their Subsidiaries)

As data breaches and malware infections continue to leak employees’ credentials and PII at a massive scale, their password reuse remains critically high, creating significant security risks for organisations and the consumers who rely on them to keep their data safe.
A single set of employee credentials that have been exposed in a third-party breach can leave the door wide open for bad actors to gain entry into a corporate network – but we found that London’s FTSE 100 and their subsidiaries have 2.7 million pairs of exposed plaintext credentials in the criminal underground.
To provide a snapshot of employee identity exposures affecting major enterprises, SpyCloud analyzed the data we’ve recaptured from breaches, malware-infected devices, and other underground sources tied to FTSE 100 and subsidiary employees. We examined over 51 million assets, all of which are available on the criminal underground and can be used for malicious purposes.
- The types of stolen FTSE 100 employee data criminals have access to, and the danger it presents to these organisations
- The most popular exposed passwords of FTSE 100 employees
- Which industries lead in exposed data and severity
- The impact of malware-infected employees and consumers
Download the Report
Related Resources

Account Takeover 101
You can’t stop ATO until you understand it. Get this plain-English primer on the latest attack methods, bad habits that increase ATO risk, and strategies for prevention.

2022 Annual Identity Exposure Report
Our annual reports analyzes the 15.5 billion assets we recaptured from the criminal underground last year, and how enterprises can use this information to protect themselves from ATO, malware, and ransomware, and protect their consumers from online fraud.

Combating Fraud from Stolen Cookies: Introducing SpyCloud Session Identity Protection
On-Demand Webinar: A detailed look at how anti-detect browsers + malware-stolen data put consumers at risk of fraud, and how Session Identity Protection helps protect your bottom line by offering early warning of malware-infected consumers with compromised web session cookies.
The SpyCloud Difference
Truly Actionable Recaptured Data
SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.
Check Your Exposure
See your real-time account takeover exposure details powered by SpyCloud data.