Security experts found that a trove of over millions of email credentials, which belongs to employees of Fortune 500 companies, has been leaked to the dark web. Experts analysed data from over a three-year period, which represented the largest ever trove of stolen credentials – amounting to eight billion. It was found that over 2.7 million of these eight billion stolen credentials have found their way into the dark web.
Experts found that account credentials of every 1 in 10 Fortune 500 staffer has been leaked to the dark web, according to a new report by credential verification service VeriClouds. Experts found that the highest number of leaked credentials, 555,000 credentials, which amounts to 20% of all leaked data, came from the financial sector.
"We see that on average each leaked Fortune 500 email address, associated with an online account, is found at 2.3 leaked data sources," VeriClouds said in a report. "This fact contributes to increased credential availability and makes it a preferred method for bad actors to breach organizations using credential stuffing or account takeover attacks. Furthermore, the availability of credentials data increases when many bad actors repackage or combine older breach data and resell it."
VeriClouds said that while it conducted customer research at an unspecified major airline company, it found that 13.1% of leaked customer passwords on the dark web matched the current passwords of the airline company's customers.
VeriClouds also found that industries like the computers and office equipment industry (25%), the transportation equipment industry (17.6%) and the telecommunications industry (12.9%) are among those that have the most weak, compromised passwords. However, the report stated that the highest number of weak or compromised passwords – 109,000 – came from the commercial bank industry. This is closely followed by the telecommunications industry and the computer, office equipment industry with 100,000 and 73,000 weak or compromised passwords respectively.
Some sectors such as the telecommunications, media and the wholesalers industries actually saw a rise in the number of leaked credentials in 2017 with a 22.4%, 5% and 2.3% increase respectively.
Fortunately, however, the number of account credentials leaked onto the dark web in 2017 has actually decreased by 7.5%, when compared to 2016.
"We don't know the specific reason for the overall decrease. One possible reason could be that some companies have applied more strict security policies to discourage employees using corporate email addresses to register accounts on 3rd party website," VeriClouds said. "We also noticed in 2017 some well-known dark web credential sellers disappeared from the market place."