The use of stolen or compromised credentials is the most common cause of data breaches. Credentials were the main attack vector in 19% of the breaches in 2022 and also the main attack vector in 2021, causing 20% of the breaches.
Credentials, such as email address or password, can fall into the hands of criminals through social engineering attacks, but often the source usually turns out to be a data breach of an online service.
In any case, to address this problem holistically, it is necessary to monitor the exposure of credentials. The results obtained can serve as a driver to launch 2 lines of work.
Work with exposed credentials, control line
Periodic and automated review of the exposure of credentials, typology of the exposed data and potential impact of the exposed information (combination of email address and password, IP, users…). The organization must know its level of exposure and work on it internally.
Work with exposed credentials, staff awareness line
One of the best practices for raising employee awareness is working with them, in addition to third-party examples and general information, showing them real cases with their own data.
For more information on how to manage and mitigate the risk of stolen credentials or compromised in third-party breaches, we recommend Kymatio Account Breach Scanner (ABS).