Austin, TX, United States, March nineteenth, 2025, CyberNewsWire
The typical company person now has 146 stolen data linked to their identification, a median 12x enhance from earlier estimates, reflecting a surge in holistic identification exposures.
SpyCloud, the main identification risk safety firm, immediately launched its 2025 SpyCloud Annual Identification Publicity Report, highlighting the rise of darknet-exposed identification knowledge as the first cyber danger dealing with enterprises immediately. As cybercriminals transfer past single knowledge factors and leverage stolen knowledge from a variety of sources – breaches, malware and phishes – they’re embracing a extra subtle method to identification exploitation, and organizations should shift their focus to a complete and holistic protection technique that accounts for the interconnected nature of digital identities.
Holistic Identification: The New Cyber Battleground
Organizations have historically centered on securing particular person account credentials, however SpyCloud’s analysis signifies that cybercriminals have expanded their techniques past typical account takeover. Attackers now have entry to intensive identification knowledge from a number of sources—together with knowledge breaches, infostealer malware infections, phishing campaigns, and combolists—posing a problem for organizations whose safety measures haven’t but tailored to handle the complete scope of interconnected identification exposures holistically.
SpyCloud’s assortment of recaptured darknet knowledge grew 22% prior to now yr, now encompassing greater than 53.3 billion distinct identification data and over 750+ billion complete stolen belongings that are actually circulating within the legal underground, fueling identity-based cybercrime. These belongings are an enormous array of private {and professional} credentials, session cookies, personally identifiable info (PII), monetary knowledge, IP addresses, nationwide IDs and extra that criminals are weaponizing in assaults towards people and companies.
“The cybersecurity trade has spent years defending towards conventional credential-based threats, however the actuality is that attackers have superior as the information they’ve entry to has exploded in quantity,” mentioned Damon Fleury, Chief Product Officer, SpyCloud. “Identification is the final word frontier of cyber danger, with customers’ publicity throughout previous and current, private {and professional} identities the brand new assault floor. It requires organizations to rethink the dangers posed by workers, customers, companions and suppliers.”
Fleury continues, “At SpyCloud, we’ve created holistic identification analytics constructed on the trade’s largest assortment of recaptured darknet knowledge, enabling our prospects to correlate disparate knowledge factors that embody a person’s digital footprint—offering a very holistic view of identification danger.”
New Definition for Identification Danger Emerges
With the explosion of accessible identification knowledge, attackers can now piece collectively historic and present-day data to bypass safety boundaries. Historically, cybersecurity groups had been solely in a position to see a fraction of a person’s darknet exposures – primarily solely the uncovered belongings tied to a company identification – which weren’t complete nor in correlation with different exposures. SpyCloud’s report exhibits that a person’s identification publicity is extra expansive than conventional cyber danger instruments would point out; in reality, it’s a sprawling net of interrelated belongings that present cybercriminals with a roadmap to take advantage of vulnerabilities and the keys to unlock helpful entry.
- Of explicit concern for companies, a single company person now has an common of 146 stolen data linked to their identification – throughout 13 distinctive emails and 141 credential pairs (a username or e mail and its related password) per company person, which highlights how attackers correlate historic knowledge to uncover lively enterprise entry factors.
- Within the client realm, the numbers are even increased with 229 data per client, often together with uncovered PII comparable to full names, dates of start, and telephone numbers, in addition to Social Safety/ID numbers, addresses, and bank card or financial institution info. Client publicity averages 27 distinctive emails and 227 credential pairs per person.
“The record-breaking breaches of 2024, together with the Mom of All Breaches (MOAB) and the Nationwide Public Knowledge Breach, together with the rising use of infostealing malware and artful phishing campaigns illustrate simply how huge the pool of uncovered identification knowledge has change into,” mentioned Trevor Hilligoss, Senior Vice President of Safety Analysis, SpyCloud Labs at SpyCloud. “By understanding how cybercriminals mixture stolen knowledge and the brand new techniques and traits they’re leveraging to imagine much more helpful info and entry, organizations can take proactive steps to mitigate identity-based threats from these giant underground sources earlier than they escalate.”
Further Report Findings:
- 17.3 billion cookies had been recaptured from malware-infected gadgets, enabling attackers to bypass MFA and hijack lively person periods.
- 548 million credentials had been exfiltrated by way of infostealer malware, highlighting the rising position of stealthy, focused knowledge theft in enterprise assaults.
- 3.1 billion passwords had been recaptured in 2024, marking a 125% enhance from the earlier yr.
- 70% of customers whose credentials had been uncovered in breaches final yr reused beforehand compromised passwords, considerably growing their danger of account takeover assaults – a 9+ soar from 2023.
- 44.8 billion PII belongings – a 39% enhance from 2023 are opening the door for brand new fraudulent actions.
- 97% of recaptured phished knowledge logs in 2024, from fashionable phishing-as-a-service (PHaaS) platforms like ONNX, included an e mail tackle and 64% had an related IP tackle, giving criminals direct alternatives to perpetrate because the person and make lateral actions inside a corporation.
- Within the public sector, SpyCloud recaptured 127K .gov credentials and noticed a 67% all-time password reuse fee – a rise of 13% over the earlier yr – highlighting persistent safety dangers for our federal businesses and nationwide safety.
Evolving Cybersecurity Methods
The findings spotlight that cybercriminals are transferring well-beyond their very own legacy techniques and companies should acknowledge that conventional defenses are not sufficient. SpyCloud’s method leverages holistic identification analytics, powered by the trade’s largest assortment of recaptured darknet knowledge, to assist organizations correlate disparate identification components and shore up identification risk safety measures, whereas mitigating danger extra successfully.
For additional insights, the complete 2025 SpyCloud Identification Publicity Report is on the market right here.
About SpyCloud
SpyCloud transforms recaptured darknet knowledge to disrupt cybercrime. Its automated holistic identification risk safety options leverage superior analytics to proactively stop ransomware and account takeover, safeguard worker and client accounts, and speed up cybercrime investigations. SpyCloud’s knowledge from breaches, malware-infected gadgets, and profitable phishes additionally powers many fashionable darkish net monitoring and identification theft safety choices. Clients embody seven of the Fortune 10, together with tons of of world enterprises, mid-sized firms, and authorities businesses worldwide. Headquartered in Austin, TX, SpyCloud is dwelling to greater than 200 cybersecurity consultants whose mission is to guard companies and customers from the stolen identification knowledge criminals are utilizing to focus on them now.
To be taught extra and see insights, customers can go to spycloud.com.
Contact
Emily Brown
REQ on behalf of SpyCloud
[email protected]
