Thousands of FTSE 100 credentials available online

Cyber security risk management solutions company Outpost24 recently published its 2022 FTSE 100 credential theft study, revealing that over 31,000 credentials from the UK’s biggest companies have been compromised and leaked onto the dark web.

In total, Outpost24 found 31,135 stolen and leaked credentials, of which:

  • 75% were stolen through data breaches
  • 25% were obtained via malware, with the victims not knowing it had happened, at least initially

Across the entire FTSE 100 index, 81 companies were found to have had at least one credential exposed on the dark web.

Who is stealing the data, and which companies are hackers targeting?

Ransomware groups are the main culprits. Once they have access to systems, they have the potential to cause havoc, as seen during May 2021’s Colonial Pipeline ransomware attack.

Among FTSE 100 companies, over 60% of the compromised credentials came from industries subject to higher levels of regulation:

  • 23% came from IT and Telecoms businesses – this sector had the highest volume of credentials (7,303) found on the dark web
  • 22% came from energy and utility companies
  • 21% came from finance firms

These industries are targeted more frequently for various reasons, among them the potential to cause more significant levels of havoc with a successful attack and the possibility of “earning” a higher ransom or selling stolen data at a higher price.

In addition, businesses in these industries are likely to hold a significant volume of sensitive consumer data, heightening the potential for them to suffer a massive data breach if hacked. Consumer data breaches in these industries could prove particularly costly because the Information Commissioner’s Office (ICO) can fine businesses up to 4% of their global turnover.

As well as the industries mentioned above, the healthcare sector remains a significant target for cybercriminals even as we exit the pandemic. Outpost24’s research found that FTSE 100 healthcare companies have, on average, 485 compromised credentials on the dark web.

Victor Acin, Labs Manager at Blueliv, which is Outpost24’s threat monitoring and auditing tool, said: “Once an unauthorised third party or initial access broker get hold of user logins and passwords, they can sell the credentials on the dark web to an aspiring hacker, or use them to compromise an organization’s network by bypassing security measures and moving laterally within to steal critical data and cause disruption.

“Stolen credentials are dangerous because there is very little that can be done to identify and detect once an intruder is inside your system. Therefore, it’s important to proactively monitor stolen credentials and alert security to reset passwords upon discovery to reduce risk.”

If your data is compromised, you could be entitled to compensation

If your data is compromised due to a data breach within a FTSE 100 company or any other business or organisation, you could be entitled to compensation.

Contact us now for a free, no-obligation review of your potential claim.


Get in Touch

Fill in the form below to tell us your details, and we’ll get started.