Austin, Texas, USA, March 19, 2025, CyberNewswire
The average business user has 146 stolen records linked to identity, an average increase of 12 times from previous estimates, reflecting a surge in overall identity exposure.
Spicloud, a leading identity threat protection company, today released its 2025 Spicloud Annual Identity Exposure Report, highlighting the rise in identity data exposed to DarkNet as the major cyber risks facing businesses today. As cybercriminals move beyond a single data point and leverage data stolen from many sources (violations, malware, fish), they embrace a more sophisticated approach to identity exploitation, and organizations must shift their focus to comprehensive, holistic defensive strategies that explain the interconnected nature of digital identities.
Holistic Identity: A New Cyber Battlefield
While organizations have traditionally focused on ensuring individual account eligibility, Spicloud’s research shows that cybercriminals have expanded their tactics beyond traditional account takeovers. Attackers now have access to a wide range of identity data from multiple sources, including data breaches, infosealer malware infections, phishing campaigns, and combolists.
Spicloud’s collection of Recaptured Darknet data has grown by 22% over the past year. It currently encompasses more than 53.3 billion different identity records and over 700 billion stolen assets, and is currently circulating in criminal basements, promoting identity-based cybercrime. These assets are a vast array of personal and professional qualifications, session cookies, personal identifiable information (PII), financial data, IP addresses, domestic IDs, and more.
“The cybersecurity industry has been defending against traditional qualification-based threats for many years, but the reality is that attackers have made progress as accessible data exploded.” “Identity is the ultimate frontier of cyber risk, requiring exposure to new attack surfaces across personal and professional identities of the past and present.
Fleury continues. “At Spicloud, we have created an overall identity analysis built on the largest collection of Darknet data in the industry. Customers can correlate different data points, including their personal digital footprints.
A new definition of identity risk emerges
The explosion of available identity data allowed attackers to bypass security barriers by combining historical and current records. Traditionally, cybersecurity teams could only see a small fraction of their individual darknet exposures – only exposed assets primarily linked to corporate identity – but not comprehensive, nor correlated with other exposures. Spicloud reports show that personal identity exposure is wider than traditional cyber risk tools show. In fact, this is a vast web of interrelated assets that provide cybercriminals with a roadmap to exploit vulnerabilities and a roadmap to unlock valuable access.
Of particular concern for businesses, a single business user has an average of 146 stolen records linked to their identity, across 13 unique emails and 141 qualification pairs (username or email and associated passwords). In the consumer space, numbers are even higher on 229 records per consumer, frequently including public PIIs such as date of birth, phone number, phone number, social security/ID number, address, credit card or bank information. Consumer exposure averages 27 unique emails and 227 qualification pairs per user.
“The 2024 record-breaking violations, including the Mothers of All Violations (MOABs) and the increased use of Infosteel malware and crafty phishing campaigns, and the increased use of Infosteel malware and crafty phishing campaigns, show how enormous the pool of exposed identity data has become. “Understanding how cybercriminals aggregate stolen data and the new tactics and trends they are leveraging to envision more valuable information and access, organizations can take proactive steps before escalating identity-based threats from these large underground sources.”
Additional Report Results:
17.3 billion cookies have been recaptured from malware-infected devices, allowing attackers to bypass MFA and hijack active user sessions. The entitlement of 548 million people has been expanded through Infostealer Malware, highlighting the growing role of stealth targeted data theft in enterprise attacks. In 2024, 3 billion passwords were recaptured, an increase of 125% from the previous year. 70% of users whose eligibility was published for violations last year reusing previously compromised passwords, significantly increasing the risk of account takeover attacks. Over 9 Jumps from 2023 – 44.8 billion PII assets – A 39% increase from 2023 opens the door for new fraud. 97% of 2024 recaptured fish data logs from popular phishing (PHAAS) platforms like ONNX included email addresses, with 64% associated IP addresses, giving criminals a direct opportunity as users and making lateral movements within the organization. In the public sector, Spicloud recaptured 127k.gov credentials and observed a 67% best password reuse rate (an increase of 13% year-on-year).
Evolving Cybersecurity Strategy
The findings highlight that cybercriminals are working well with their own legacy tactics, and businesses must recognize that traditional defenses are no longer sufficient. Spicloud’s approach leverages an overall identity analysis powered by the industry’s largest collection of recaptured darknet data to help organizations more effectively mitigate risk while correlating different identity factors and strengthening identity threat protection measures.
For more insights, check out the 2025 Spicloud Identity Exposure Report in full.
About Spicloud
Spicloud transforms the darknet data you turn to destroy cybercrime. Its automated, overall identity threat protection solutions leverage advanced analytics to proactively prevent ransomware and account acquisitions, protect employees and consumer accounts, and accelerate cybercrime investigations. Spicloud violations, malware-infected devices, and data from successful Phish also enhances the provision of many popular dark web surveillance and identity theft protection. Customers include seven Fortune 10, along with hundreds of global companies, medium-sized companies and government agencies around the world. Headquartered in Austin, Texas, Spycloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from stolen identity data currently targeted by criminals.
For more information and insights, users can visit spicyloud.com.
contact
Emily Brown
Req on behalf of Spicloud
spicloud@req.co
Source link
