Number of stolen credentials at top UK companies triples in 2017
A new study from threat intelligence platform Anomali reveals that the volume of credential exposures among FTSE 100 companies in the UK has dramatically increased to 16,583 from April to July 2017, compared to 5,275 in last year’s analysis.
According to the findings 77 percent of the FTSE 100 -- the 100 largest companies listed on the London stock exchange -- were exposed, with an average of 218 usernames and passwords stolen, published or sold per company.
In most cases the loss of credentials occurred on third party, non-work websites where employees reuse corporate credentials. In May 2017, more than 560 million login credentials were found on an anonymous online database, including roughly 243.6 million unique email addresses and passwords. The report shows that a significant number of credentials linked to FTSE 100 organizations were still left compromised over the three months following the discovery. This failure to secure exposed accounts means corporate data is left open to cyber attacks.
Five of the companies had more than 1,000 credential exposures, and the banking sector accounted for almost a quarter (23 percent) of the total exposed credentials.
"Our research has uncovered a staggering increase in compromised credentials linked to the FTSE 100 companies," says Colby DeRodeff, chief strategy officer and co-founder at Anomali. "Security issues are exacerbated by employees using their work credentials for less secure non-work purposes. Employees should be reminded of the dangers of logging into non-corporate websites with work email addresses and passwords. While companies should invest in cyber security tools that monitor and collect IDs and passwords on the Dark Web, so that staff and customers can be notified immediately and instructed to reset accounts."
The Anomali research team also looked at suspicious domain registrations -- used in phishing attacks -- finding that 82 percent of the FTSE 100 to have at least one cataloged against them, and 13 percent with more than ten. The majority of these were registered in the United States (38 percent), followed by China (23 percent). With the majority of cyber attackers using Gmail and qq.com (a free Chinese email service) to register these domains to mask themselves. The sector hit hardest by malicious domain registrations is banking, accounting for 23 percent of the total.
You can find out more about the report and Anomali's threat intelligence products on the company's website.