Constella Intelligence Publishes 2021 Identity Breach Report


We make it our mission at Constella Intelligence to defeat digital risk, and we’re proud to partner with some of the world’s most prestigious companies to protect what matters most. It’s time for our 2021 Annual Identity Breach Report, and without a doubt, this year has been particularly noteworthy.

We released our 2021 Identity Breach Report, titled “PII Fueling the Threat Economy: How Crisis Creates Targeted Vulnerabilities for Individuals, Executives, and Brands,” to provide insight into the breach economy and the tactics, techniques, and procedures used by threat actors to exploit the digital ecosystem in times of crisis.The threat intelligence team at Constella Intelligence discovered over 8,500 breaches and leakages in dark markets and underground forums in 2020, totaling nearly 12 billion records.

MainOutcomes from Constella’s 2021 Identity Breach Report comprise:

PII was exposed in nearly 60% of the data breaches examined, and passwords were exposed in 72% of these breaches.

Over the last five years, a data breach exposed over 40% of executives from Fortune 500 companies in the Energy and Telecommunications sectors.

Since 2016, Fortune 500 companies in the energy and telecommunications industries have had their corporate domains exposed in over 11k breaches/leakages, with over 40% of these exposures occurring since 2020, indicating a deterioration in corporate credential security.

Nearly a quarter of a sample of 55 Fortune 500 Energy executives had their passwords exposed.

Constella discovered vaccine doses from Pfizer, AstraZeneca, Sputnik and Moderna being sold in multiple dark marketplaces for as little as $8 to nearly $850.

In comparison to 2019, the crypto-currency, news, and healthcare industries saw 120 percent, 110 percent, and 51 percent increases in breaches and leakages, respectively.

In comparison to the findings of Constella’s 2020 Identity Breach Report, the price of personal records transacted in dark marketplaces, such as driver’s licences (+328%), passports (+1,185%), and ID cards (+642%), increased significantly, possibly due to increased demand for false identification records during the pandemic.

The digital ecosystem and breach economy were transformed in 2020, resulting in new cyber vulnerabilities. The COVID-19 pandemic altered our daily lives, forcing citizens to rely on new digital solutions and work from home. As new vulnerabilities emerge, cyber threat actors try to take advantage of them.

Vaccines, forged vaccine certificates, and other COVID-19-related items were sold in dark marketplaces and underground forums, thanks to new vectors of exploitation made possible by the COVID-19 pandemic. Constella’s study looked into the value of personally identifiable information (PII), drawing connections between the breach economy, PII, and a variety of new digital threats to executives and brands. Constella discovered an exorbitant increase in the price of sensitive personal records sold on the deep and dark web, with the price of driver’s licences, passports, and ID cards rising significantly from the previous year studied – possibly due to increased demand for personal records during the pandemic. Constella’s 2021 Identity Breach Report also includes a deep dive into the Fortune Global 500’s top companies in the Energy and Telecommunications sectors, demonstrating increased exposure and vulnerability of the sector’s companies, employees, and executives over the past year.

Administrators are the Objective

Threat actors gained increased access to individuals’ work and personal information as a result of the pandemic forcing many to use digital solutions to conduct business. Targeting employees and executives in order to gain access to corporate networks not only puts organisations at risk, but it also jeopardises the reputations of the company and its executives.Executives and employees are increasingly being used as conduits for inflicting financial and reputational harm on businesses.

We discovered that 43 percent of Fortune 500 telecommunications executives had their corporate credentials exposed in a breach or leak since 2016, and that 100 percent of them had been exposed on data broker site breaches.In a similar survey of Fortune 500 energy executives, we discovered that 45 percent had their corporate credentials compromised in a breach or leak since 2016.

The Year(s) of COVID-19

COVID-19 has unquestionably been the year 2020-2021. Changes brought on by COVID-19 have had a significant impact on everyone and every industry. The pandemic’s central significance to the public, private, and digital spheres was exemplified by deep and dark markets.The exploitation of the COVID-19 pandemic has been a recurring theme in dark markets, according to Constella, with vaccine doses from Pfizer, AstraZeneca, Moderna, and Sputnik being sold for as little as $8 to as much as $850 in multiple dark marketplaces.

The Service Trade: Serious Services At Risk

Energy and telecommunications are two sectors that have been impacted by the breach economy. Notably, the “Services” industry, which includes utilities, telecommunications, energy, food, and transportation firms, accounted for more than 20% of the breaches investigated, up 62 percent from 2019. This could be due to the COVID-19 pandemic’s increased reliance on these industries.The most affected industries were services, gaming and gambling, social and dating, and retail. Furthermore, our research shows that the breach economy is growing and executives are being targeted in certain industries, with over 40% of executives from Fortune 500 companies in the Energy and Telecommunications sectors being exposed in a breach in the last five years.

Exposures to the top 20 Fortune 500 energy companies have increased dramatically. Nearly 60% of records exposed in the Energy sector in the last five years have occurred since 2020. In the telecommunications industry, there has been a significant increase in the number of corporate credentials that have been exposed. Over 40% of their breaches occurred in the last two years, according to data collected over the last five years.Furthermore, in the Telecommunications sector, 80 percent of employee exposures have occurred in the last two years, indicating a worsening use of corporate credentials since 2016.

Dark Market Economy: Affected Rise in the Price of Individual Records

As our communities move their daily functions online, the dark market continues to thrive. Threat actors have been selling passports, drivers’ licences, and other identification cards on the dark web for years. Since the pandemic, however, these markets have grown to include COVID-related products.

Vaccines, real and fake, as well as fake vaccine certificates, have been identified for sale in underground markets by our threat intelligence teams. Vaccines for sale on several dark markets have different prices depending on the brand. AstraZeneca sells for an exorbitant $848.50 on average; Pfizer sells for $483.75; Moderna sells for $193.60; and Sputnik sells for an average of $8.Other COVID items include German vaccine certificates, which sell for an average of $22.35, and COVID-19 antigen tests, which sell for a flat rate of $25. The only way to pay is with cryptocurrency.

Passports and drivers’ licences, which were already being sold on the black market, saw significant price increases of 1,185 percent and 328 percent, respectively.Travel restrictions around the world are most likely to blame for these rises.


Please enter your comment!
Please enter your name here