More than 21 million login credentials stolen from Fortune 500 companies have been found in various places on the dark web, many of them already cracked and available in plaintext form.
According to a news report, the information was compiled from multiple sources, such as markets in the Tor network, web forums, Pastebin, IRC channels, social networks and messenger chats. 21,040,296 is the exact number of credentials found, mostly from tech companies, the financial industry, healthcare, energy, telecommunications, retail, industrial, transport, aerospace and defense sectors.
| Industry | Total Exposed Credentials |
| Technology | 5,071,144 |
| Financials | 4,915,553 |
| Healthcare | 1,923,340 |
| Industrial | 1,898,434 |
| Energy | 1,745,283 |
| Telecommunications | 1,329,882 |
| Retail | 682,003 |
| Transportation | 600,003 |
| Motor Vehicles & Parts | 575,046 |
| Aerospace & Defense | 549,073 |
In an additional report, ImmuniWeb researchers say 16,055,871 of the credentials were compromised in the past 12 months. They note 95 percent of the credentials contain unencrypted, or brute-forced and cracked by the hackers, plaintext passwords.
