According to a recent report by ImmuniWeb, more than 21 million login credentials stolen from Fortune 500 companies have been found in various places on the dark web, many of them already cracked and available in plaintext form.
Most of them were from tech companies, closely followed by organisations in the financial industry. Entities in the healthcare, energy, telecommunications, retail, industrial, transport, aerospace and defence sectors are also on the list.
The researchers reveal a worrying statistic: “95% of the credentials contained unencrypted, or brute-forced and cracked by the attackers, plaintext passwords.”
Despite finding as many as 21 million login records, the report notes that only 4.9 million of them were unique, “suggesting that many users are using identical or similar passwords.”
Experts Comments
Linkedin Message
@Stuart Sharp, VP of Solution Engineering, provides expert commentary at @Information Security Buzz.
"Unless MFA is in place, once login credentials are compromised...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/21-million-logins-for-top-500-firms-offered-on-the-dark-web
Facebook Message
@Stuart Sharp, VP of Solution Engineering, provides expert commentary at @Information Security Buzz.
"Unless MFA is in place, once login credentials are compromised...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/21-million-logins-for-top-500-firms-offered-on-the-dark-web
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Craig Young, Principal Security Researcher , provides expert commentary at @Information Security Buzz.
"This is an interesting glimpse into the inner-workings of underground criminal hacking markets...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/21-million-logins-for-top-500-firms-offered-on-the-dark-web
Facebook Message
@Craig Young, Principal Security Researcher , provides expert commentary at @Information Security Buzz.
"This is an interesting glimpse into the inner-workings of underground criminal hacking markets...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/21-million-logins-for-top-500-firms-offered-on-the-dark-web