There have been a number of high-profile data thefts involving many big companies in the past decade. The personal information, including credit card details, belonging to millions of people working for or associated with many big companies like Yahoo which was hacked in 2013. Global majors eBay, Adobe, Equifax, JP Morgan Chase, Sony PlayStation Network and more recently Uber, were also exposed to data theft. And although most of the companies deny such breaches on record, they do happen almost every day, particularly so in the case of big organisations.
And in one of the biggest cases of cyber data thefts so far, security experts have found that online credentials belonging to millions of employees of 2017 Fortune 500 companies has been compromised over the past three years and leaked to the dark web. The sheer number of leaked employee email accounts makes it one of the biggest cybersecurity threats of 2017.
According to research by Vericlouds, a Seattle-based security company that offers credential monitoring and verification services, the email account details including passwords of nearly 1 in every 10 employees working in Fortune 500 companies have been leaked to the dark web.
The data used in the research was gathered over the past three years and represents the largest available cache of over 8 billion stolen credentials, of which more than 2.7 million credentials are feared to have been leaked to the dark web.
And although sectors like telecom, media and wholesale industry witnessed a rise in the number of leaked credentials in the last year, the number of account credentials being leaked to the dark web has actually decreased by 7.5 percent year-on-year.
Vericlouds says in its report that on average each of the leaked Fortune 500 email addresses is found on approximately 2.3 leaked data sources. The firm suggests that the availability of the stolen credentials increases when that hackers or "breach organizations" repackage and combine older stolen data and resell it.
This leaked data could be used by hackers to gain access into the companies' systems for more sinister purposes, which threaten the security of not only the employees and the organisation but even the industry as a whole.
The experts have found that most of the leaked credentials, almost 555,000 credentials accounting to 20 percent of all the leaked data, belonged to employees from the financial sector, meaning that the financial sector is at the most risk.
The Vericlouds report also states that the commercial banking industry had the highest number of weak or compromised passwords industry with 109,000 weak passwords, followed closely by the telecommunications industry with 100,000 and the computers and office equipment industry with 73,000 weak or compromised passwords.
Meanwhile, in India, the government-run citizen identification database Aadhaar was recently alleged to had a data breach of over one billion Indian citizens, but the authority later claimed that it was just a sham. Before that, Reliance Jio was also in the middle of a data breach controversy when the Aadhaar data of millions of users was said to have been leaked.