Close this search box.


London’s FTSE 100

Identity Exposure Report 2023

To understand how exposed employee identities impact organisations, SpyCloud combs through our entire database of assets recaptured from the criminal underground every year and analyses the dark web data of employees and consumers tied to the top 100 FTSE companies and their subsidiaries. Let’s explore key takeaways from the report.

2023 FTSE 100

Session cookies


Of all malware-exfiltrated authentication data, browser session cookies are the most prized because they allow cybercriminals to become an identity’s clone and bypass authentication to seamlessly hijack a session, allowing them access to sensitive data, escalate employee privileges, deploy ransomware, and much more.

We found more than
55 million

session cookies tied to the employees of these organizations that give bad actors unfettered access to your network.

Password reuse


With credentials being the number one entry point for bad actors, password reuse is just one bad habit that increases an organisation’s risk of account takeover. Poor password hygiene of using weak, common, and/or reused passwords can lead to password spraying or credential stuffing attacks that result in ATO.

We discovered a

password reuse rate among FTSE 100 and their subsidiaries’ email addresses in our database that have been exposed in more than one breach.



Information stolen through malware infections is collected by cybercriminals and shared in small circles or sold at high values on criminal marketplaces. These high-severity exposures put your enterprise at risk of ATO and fraud, and make your organisation vulnerable to ransomware attacks.

We recaptured
30.64 million

assets tied to FTSE 100 companies and their subsidiaries from botnets, representing 58.6% of the 52.5 million total recaptured third-party breach assets.

Exposed Cloud Applications


These exposed credentials come from popular enterprise applications such as online email and office applications, cloud hosting environments, customer relationship managers, payroll management, video conference platforms, source code repositories, and much more. Data stolen from these applications can be used to aid attacks or can be the goal of the attack itself.

We found SSO exposures for

popular cloud applications that could give criminals incredible levels of access to corporate data.

Download this year’s report to see:

Trusted by market leaders

With 500+ customers around the world, including half of the Fortune 10, SpyCloud is the leader in operationalizing Cybercrime Analytics to protect businesses.

We’re on a mission to make the internet a safer place by disrupting the criminal underground. Together with our customers, we aim to stop criminals from profiting off stolen data.

#1 Global
Streaming Service
#1 Global
#1 Global Software
US Banks
#1 Global
Online Retailer
#1 US Crypto Exchange

Check Your Company's Exposure

See your real-time exposure details powered by SpyCloud.

[What’s New] Check Your Exposure has been expanded with more recaptured data. See Your Results Now

Close this search box.