According to SpyCloud research that focuses on exposed data, in 2021, researchers found 1.7 billion exposed credentials, up 15% from 2020, and 13.8 billion reclaimed Personally Identifiable Information (PII) data from breaches.
”Reused passwords have been the leading vector in cyberattacks in recent years, and the threat of digital identity exposure is a growing problem. The findings of our annual report show that users are still not taking password security as seriously as they should. The threat of account takeover is not enacting wholesale improvements to consumer cyber hygiene, and that’s an alarming thought given the frequency of digital identity fraud.” said David Endler, Chief Product Officer of SpyCloud.
An average user has hundreds of online accounts, each with its own login, and as a result, password reuse is on the rise. According to SpyCloud research, 64% of users with multiple compromised passwords used the same password for several accounts, making them vulnerable to account compromises and brute-force attacks. This is a 4x jump over the report from 2021.