London’s FTSE 100
(AND THEIR SUBSIDIARIES)
Identity Exposure Report 2023
To understand how exposed employee identities impact organisations, SpyCloud combs through our entire database of assets recaptured from the criminal underground every year and analyses the dark web data of employees and consumers tied to the top 100 FTSE companies and their subsidiaries. Let’s explore key takeaways from the report.
Of all malware-exfiltrated authentication data, browser session cookies are the most prized because they allow cybercriminals to become an identity’s clone and bypass authentication to seamlessly hijack a session, allowing them access to sensitive data, escalate employee privileges, deploy ransomware, and much more.
session cookies tied to the employees of these organizations that give bad actors unfettered access to your network.
With credentials being the number one entry point for bad actors, password reuse is just one bad habit that increases an organisation’s risk of account takeover. Poor password hygiene of using weak, common, and/or reused passwords can lead to password spraying or credential stuffing attacks that result in ATO.
password reuse rate among FTSE 100 and their subsidiaries’ email addresses in our database that have been exposed in more than one breach.
Information stolen through malware infections is collected by cybercriminals and shared in small circles or sold at high values on criminal marketplaces. These high-severity exposures put your enterprise at risk of ATO and fraud, and make your organisation vulnerable to ransomware attacks.
assets tied to FTSE 100 companies and their subsidiaries from botnets, representing 58.6% of the 52.5 million total recaptured third-party breach assets.
Exposed Cloud Applications
These exposed credentials come from popular enterprise applications such as online email and office applications, cloud hosting environments, customer relationship managers, payroll management, video conference platforms, source code repositories, and much more. Data stolen from these applications can be used to aid attacks or can be the goal of the attack itself.
popular cloud applications that could give criminals incredible levels of access to corporate data.
Download this year’s report to see:
Trusted by market leaders
With 500+ customers around the world, including half of the Fortune 10, SpyCloud is the leader in operationalizing Cybercrime Analytics to protect businesses.
We’re on a mission to make the internet a safer place by disrupting the criminal underground. Together with our customers, we aim to stop criminals from profiting off stolen data.
#1 Global Software
#1 US Crypto Exchange
Check Your Company's Exposure
See your real-time exposure details powered by SpyCloud.