LEAKED CREDENTIALS
“What my email and password are known on the dark web”?
COMPANY
Sector: Marketing
Size: 1 - 10 employees
Location: Flanders
FACTS & FIGURES
20 of 24 of tested SMEs were affected
Protection efforts: Low
Business Impact: High
CONTEXT
After testing the digital footprint of a Marketing company, we were able to find leaked credentials of different employees on the dark web. Leaked credentials refer to usernames and passwords that have been exposed or stolen from databases or online platforms due to passed security breaches or hacking incidents. These leaked credentials if not changed in the meanwhile can be used to access several accounts.
INCIDENT OVERVIEW
We used the leaked credentials to connect to professional accounts, this type of attack is called credential stuffing. We used the found lists of usernames and passwords from one data breach to attempt unauthorized access to user accounts on other online platforms, exploiting the common practice of reusing passwords across multiple accounts. After a couple of attempts, we were able to connect ourselves to different accounts including social media accounts that were linked to VISA cards.
BUSINESS IMPACT
Leaked credentials can have big financial implications, like for example malicious users could use budgets related to visa for advertising campaigns on social media. Unauthorized access by using leaked credentials may result in data breaches, exposing sensitive information, which can impact confidence and credibility. Of course, operations can be disrupted, with disastrous impact on business continuity.
The business impact of leaked credentials includes:
Financial loss: Companies may suffer financial losses due to fraudulent transactions or legal fees resulting from unauthorized access.
Reputation damage: Breaches can tarnish a company's reputation, leading to loss of trust among customers and partners.
Operational disruption: Dealing with security breaches can disrupt normal business operations and divert resources.
Legal consequences: Companies may face legal repercussions, fines, or lawsuits for failing to protect sensitive data.
Regulatory compliance: Violations of data protection regulations can result in hefty fines and damage to regulatory standing.
SECURITY MEASURES
To protect your company against leaks it is important to firstly check if there is any leaked information about your company. If there are leaked credentials, you must make sure that they are not in use anymore by the user for authentication. Besides this first action it is important to take further measures:
To protect against leaked credentials:
Utilize tools to check for compromised emails.
Enforce strong security measures like regularly updating passwords and implementing multi-factor authentication (MFA).
Raise general awareness to avoid using professional emails for personal activities and refrain from using the same passwords across different platforms.
RESOURCES
Has my password been breached: Link Breached Passwords
