Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireTechnologies & SolutionsCybersecurity News

Number of stolen and exposed credentials has risen 300% from 2018

password
July 8, 2020

Digital Shadows reveals new research assessing how cybercriminals exploit stolen credentials for accounts that we use every day, including bank accounts, social media and video streaming services. The study, entitled From Exposure to Takeover finds there are more than 15 billion credentials in circulation in cybercriminal marketplaces, many on the dark web – the equivalent of more than two for every person on the planet. The number of stolen and exposed credentials has risen 300 percent from 2018 as the result of more than 100,000 separate breaches. Of these, more than 5 billion were assessed to be ‘unique’ – i.e. they have not been advertised more than once on criminal forums.

The majority of  exposed account credentials belong to consumers and include usernames and passwords from bank accounts to video and music streaming services. Many account details are offered free of charge but of those on sale the average account trades for $15.43. Unsurprisingly, bank and financial accounts are the most expensive, averaging at $70.91, however they trade for  upwards of $500, depending on the ‘quality’ of the account. In addition to being the most expensive, banking, and financial accounts accounted for 25 percent of all the advertisements analyzed.

The research also finds that access to organizations’ key systems trade at a significant premium. Usernames with “invoice” or “invoices” were by far the most common advertised and comprise 66 percent of the 2 million usernames assessed. “Partners” and “payments” came in a distant second and third place, both with 10 percent each. Dozens of advertisements for domain admin access are also advertised and in many cases are being auctioned to the highest bidder with prices ranging from $500 to $120,000 – with an average $3,139. Digital Shadows cannot confirm the validity of the data that the vendors purport to own, but listings included those for large corporations and government organizations in multiple countries.

Digital Shadows has alerted clients to 27.3 million username and password combinations in the last 18 months. Unfortunately for both consumers and business, account takeover has never been easier (or cheaper) to do for cyber criminals. A myriad of brute-force tools and account checkers are available on criminal marketplaces – and can be used with little technical expertise – for an average of $4.

Digital Shadows has also observed the growth of ‘account takeover as-a-service’ such as those advertised on Genesis Market, where rather than buying a credential, criminals can rent an identity for a given period, often for less than $10. For this price, the service collects fingerprint data (such as cookies, IP addresses, time zones) from an individual (the target), which makes it considerably easier to perform account takeovers and transactions that go unnoticed. Such is the popularity of these services that users on forums are desperate to acquire invite codes to this market.

Multi factor authentication (MFA) can offer a significant barrier to criminals however Digital Shadows found evidence that methods to bypass 2FA are also commonly discussed on cybercriminal forums. In December 2019, for example, one user on the Russian-language cybercriminal forum Exploit created a thread to sell a method designed to bypass 2FA systems at a United States-based online bank. They stated that their system would allow seven to nine out of 10 accounts to be accessed without requiring SMS verification, and that they considered their offer was worth USD 5,000.

Rick Holland, CISO and VP of Strategy at Digital Shadows comments: “The sheer number of credentials available is staggering and in just over the past 1.5 years, we’ve identified and alerted our customers to some 27 million credentials – which could directly affect them. Some of these exposed accounts can have (or have access to) incredibly sensitive information. Details exposed from one breach could be re-used to compromise accounts used elsewhere. The message is simple – consumers should use different passwords for every account and organizations should stay ahead of the criminals by tracking where the details of their employees and customers could be compromised.”

To find out more and to access the full report, please go to www.digitalshadows.com.

 

Digital Shadows advises business to adopt the following best practices: 

  • Monitor for leaked credentials of your employees. HaveIBeenPwned can be a useful starting point in alerting you to instances of breaches including your organization’s email domain.
  • Monitor for mentions of your company and brand names across cracking forums. Use Google Alerts for this – Johnny Long offers some great tips for doing so (http://www.mrjoeyjohnson.com/Google.Hacking.Filters.pdf) and Google alerts can provide a good identification of the specific risks to your business. Configuration files for your website that are being actively shared and downloaded are a good indication of impending attempts at account takeover.
  • Don’t forget other sources. Code repositories can be rich with secrets and hard-coded passwords. 
  • Monitor for leaked credentials of your customers, allowing you to take a more proactive response. Consider alerting your customers that their email has been involved in a breach, prompting them to reset their password if they have reused credentials.
  • Deploy an online Web Application Firewall. Commercial and open source web application firewalls, like ModSecurity, can be used to identify and block credential stuffing attacks.
  • Increase user awareness. Educate your staff and consumers about the dangers of using corporate email addresses for personal accounts, as well as reusing passwords.
  • Gain an awareness of credential stuffing tools. Keep an eye on the development of credential stuffing tools, and monitor how your security solutions can protect against evolving capabilities. Some credential stuffing tools are able to bypass some CAPTCHAs, for example.
  • Some element of 2FA is always better than none but try to phase out multi-factor authentication using SMS. This can help to reduce account takeovers, but make sure this is balanced against the friction (and cost) it can cause. The Photon Research team has produced a report, Two-Factor In Review: A technical assessment of the most popular mitigation for account takeover attacks, detailing the technologies involved with 2FA, attacks against the solution, and ways to mitigate them.
KEYWORDS: cyber security Dark Web information security passwords risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • data breach

    Cost of Data Breaches Has Risen 12 Percent

    See More
  • cyber-SMB

    Data breach reports down 52% in the first half of 2020; Number of records exposed increase to 27 billion

    See More
  • UK study says binge-drinking is up and smoking is down in Glasgow

    Alcohol use has risen amid COVID-19 but smoking has decreased, according to Glasgow study

    See More

Related Products

See More Products
  • 9780367221942.jpg

    From Visual Surveillance to Internet of Things: Technology and Applications

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!