2021 SPECIAL REPORT

U.S. Government Credential Exposure

There is arguably no bigger producer, collector, consumer, and disseminator of data on the planet than the United States government. And yet, SpyCloud analysis has shown that its vast network of employees at the federal, state and local levels, including its contractors, are leaving that data exposed to enormous risk.

In 2020 alone, SpyCloud found:

    • 269,690 plaintext government credentials leaked in 465 breaches.
    • More than 1 million pairs of exposed emails and passwords for corporate accounts at the 27 largest companies in the defense industrial base.
    • 800,000 exposed corporate credentials (more than 7,000 per company) for employees at the 109 Fortune 1000 companies in the energy sector.

These exposures provide potential avenues for bad actors to access government resources and create massive risk in the government supply chain.

As this report explains, the prevalence of password reuse and loose credential security protocols are gifts to cybercriminals that expose the U.S. to significant risks. Our “Special Report: 2021 U.S. Government Credential Exposure” provides the prescriptive guidance needed to address this trend, along with a new framework for securing credentials that applies to employees, suppliers, and citizens.

Solution: Account Takeover Prevention

Continuous monitoring with SpyCloud

Detect and automatically reset exposed credentials before criminals can exploit them to perpetrate targeted attacks like ransomware.

Learn More

Download the Special Report

A few of our happy customers:

The SpyCloud Difference

SpyCloud provides the earliest detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach or were siphoned from a malware infection and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling government agencies to lock down accounts quickly, without the need for additional resources. 

Our goal is to help organizations to protect themselves from criminal activity and disrupt criminals’ ability to profit from stolen data.

SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.