More than 21 million login credentials stolen from Fortune 500 companies have been found in various places on the dark web, many of them already cracked and available in plaintext form. 

According to a news report, the information was compiled from multiple sources, such as markets in the Tor network, web forums, Pastebin, IRC channels, social networks and messenger chats. 21,040,296 is the exact number of credentials found, mostly from tech companies, the financial industry, healthcare, energy, telecommunications, retail, industrial, transport, aerospace and defense sectors.

Industry Total Exposed Credentials
Technology 5,071,144
Financials 4,915,553
Healthcare 1,923,340
Industrial 1,898,434
Energy 1,745,283
Telecommunications 1,329,882
Retail 682,003
Transportation 600,003
Motor Vehicles & Parts 575,046
Aerospace & Defense 549,073


In an additional report, ImmuniWeb researchers say 16,055,871 of the credentials were compromised in the past 12 months. They note 95 percent of the credentials contain unencrypted, or brute-forced and cracked by the hackers, plaintext passwords.