Risk Management, Identity and Access, Strategy, Threat intelligence

Rampant password reuse puts companies and customers at risk

February 15, 2021
SpyCloud says in a new report that 76% of employees at the largest companies in the world still reuse their passwords across work and personal accounts, presenting hacking opportunities for attackers, Help Net Security reports. The group further reveals that more than 543 million breach assets tied to Fortune 1000 employees and 25.9 million business account credentials are currently accessible to cybercriminals. Employees as high as in the executive levels have been found to secure their personal accounts behind the same credentials used in their corporate accounts, leaving corporate networks and systems vulnerable to unauthorized access when those personal accounts are breached. Among the group’s findings, the telecommunications sector has the highest average number of leaked credentials, at 552,601 per company, while 13,897 personal or corporate systems owned by workers in the technology sector have apparently been infected with credential-stealing malware. Meanwhile, the most widely used credentials among employees remain “123456” and “password” despite repeated warnings about their weakness.
Jill Aitoro

SC Media Editor in Chief Jill Aitoro has 20 years of experience editing and reporting on technology, business and policy. She also serves as editorial director at SC Media’s parent company, CyberRisk Alliance. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.

prestitial ad