Fortune 500 Companies Data Breach: 21M+ Login Data Darknet


Fortune 500 companies have become the latest victim of data breach as over 21 million login credentials of users have been found on the dark web for sale. According to the report, it is suspected that their data was breached long ago as website data breaches can go several months or even years unnoticed.

Fortune 500 has been said to have a good financial standing, and is one of the leading companies in a pole position to heavily invest in cybersecurity to keep the sensitive details of users safe. However, the icy hands of hackers fell on them.

As claimed by the report, about 95% of the stolen credentials contained “unencrypted, and cracked by attackers, plaintext password”. Surprisingly, about 16 million of the stolen credentials were obtained and uploaded on the dark web in the last 12 months. The researchers discovered that majority of the employees at fortune 500 used identical or the same password. This is a very serious issue as there was a big probability of password being leaked to a third party. Only 4.9 million of the 21 million stolen passwords were found to be unique.

Login credentials

Image Source:

From the report, hackers managed to steal about 5 million login credentials from the technology and financial sector. The healthcare and industrial sector lost closed to 2 million login credentials to hackers, whiles the energy and the telecommunication sector lost about 1 million login credentials. Other sectors including transportation, defense, retail, aerospace and motor vehicles lost millions of login credentials to hackers according to the report.

ImmuniWeb discovered that the stolen credentials from all the Fortune 500 companies were displayed across the various dark web forums, Messenger chats, Pastebin, social networks and other locations for sale. The hackers behind the data breach were not specified, but it is suspected that they may be one of the notorious hackers on the dark web who launches malware to steal sensitive data of companies.

Ilia Kolochenko, the founder and CEO of ImmuniWeb stated that the number of stolen login credentials are alarming. In his statement, he explained that the widespread of login credentials on dark web is a modern-day Klondike of mushrooming threat actors. The actors do not need to spend much money on any expensive tool. They can easily break into the administration panel of organizations and remain unnoticed by security systems.

Unfortunately, most of these data breaches are technically uninvestigable due to lack of log or absolute control over the breached system according to Kolochenko. From the analysis of the Fortune 500 companies, about 47.29% of the password used by the retail organization were either default passwords or weak passwords. Also, 37.5% of the passwords used by the telecommunication firm, 36.19% of passwords used by industrial organization, 35.12% of passwords used by the financial sector and 33.87% of passwords used by the technology firm were weak or default passwords. This leads to the conclusion that the leakage was as a result of user underrating the abilities of hackers to take advantage.

It was also reported that the Fortune 500 companies’ users used weak passwords as 42% of the stolen passwords were related to the company, or related to the breached resources in question. In addition, 11% of the total analyzed passwords were identical.

Login Credentials

Image Source:

According to the researchers, previous reset settings set similar passwords to a bunch of accounts leading to the possession of weak passwords. Also, proliferation of bolt creating accounts and usage of default passwords led to the usage of identical and weak passwords.

This is a big lesson to individuals and corporate bodies to either invest in cybersecurity or avoid the use of weak passwords that can be breached with persistence. 

Stuart Sharp, the VP of Solution Engineering at OneLogin stated from the research that many companies would not know that their cloud service have been compromised unless the actors try to invoice payment redirection, or the breached login credentials are spotted on the public domain for sale. The stealing of login credentials is a very serious issue, as the compromised password can be used to access highly sensitive information of the company.

In most cases, hackers use the stolen data to negotiate for a large sum of money. In some cases too, hackers put the stolen data up on the dark web for sale to be used for a more dangerous act. It is expected that Fortune 500 will put more cybersecurity measures in place to avoid a future occurrence.

Source: TEISS, Fortune and Medium

Disclaimer: does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.

Tags: #.onion_Links #Dark_net_Links #Dark_net_Sites_Links #.onion_Hidden_Links #Hidden_Wiki


Please enter your comment!
Please enter your name here