"Password Reuse Is Rampant Among Fortune 1000 Employees"

SpyCloud's annual analysis of identity exposure reveals rampant password reuse among employees of Fortune 1000 companies in the technology, finance, retail, and telecommunications sectors. Based on a database of more than 200 billion recaptured assets, researchers identified more than 687 million exposed credentials and Personal Identifiable Information (PII) records belonging to Fortune 1000 employees, which is a 26 percent increase from that of 2021. Further analysis revealed a 64 percent password reuse rate as well as the extensive use of easy-to-guess passwords and a surge in malware-infected devices. These are all sources of cyber risk for employers and consumers who depend on businesses to protect their personal data. In addition, researchers identified credentials, PII, and infected device data of 70,000 Fortune 1000 employees in recaptured botnet logs consisting of information stolen through infostealer malware. These high-severity exposures provide the data needed for cybercriminals to circumvent authentication measures and impersonate employees. This data includes passwords, system information, browser fingerprints, web session cookies, and more. About 29 million malware-infected consumer devices were used for logging into the consumer-facing sites of Fortune 1000 companies. The report also showed that critical infrastructure companies had the worst password hygiene. Password hygiene issues were discovered across the aerospace and defense, chemical, industrial, and energy industries. Bad password hygiene included, for example, the use of company names. Although critical infrastructure employees were found to have the poorest password hygiene, the technology sector had the most severe identity exposure. The technology sector had over 26 million breach records that represented 139 million employee assets, comprising 21 percent of all exposed Fortune 1000 records. Out of all the key sectors, the technology sector had the largest number of malware-infected devices. This article continues to discuss key findings from SpyCloud's annual analysis of identity exposure among employees of Fortune 1000 companies in key sectors.

Help Net Security reports "Password Reuse Is Rampant Among Fortune 1000 Employees"