November 30, 2023by Benji Preminger

Cybersecurity in Retail: Top 5 Leaked e-Retail Credentials

The holiday season is upon us, with events like Black Friday, Cyber Monday, and the entire month of December seeing a surge in online shopping. This time of year is crucial for retailers as they strive to maximize their profits. However, it is also a busy and lucrative season for cybercriminals who exploit the increased online sales to target employee and customer credentials, as well as other personal information.

Given the valuable customer data they possess, retailers remain prime targets for sophisticated cyber threats. These threats often involve compromised credentials and unauthorized access. Once cybercriminals gain control of these credentials, they can infiltrate corporate networks, steal sensitive data, encrypt it with ransomware, and even launch more extensive campaigns by advanced threat groups, also known as APTs. For retailers that fall victim, the consequences can be severe. A single email credential, sold on the underground market, can lead to compromise of an entire network.

Pulling data from our new Identity Intelligence module, our threat research experts looked into five of the world’s largest retailers and discovered that thousands to tens of thousands of compromised employee credentials were stolen throughout 2023. The leading retailer had 29,542 employee credentials leaked or exposed during the calendar year:

Exposed employee credentialsClick here to view the detailed infographic!

This risk extends beyond just employee credentials. Customer credentials are also vulnerable to Account Takeover (ATO), which is a type of identity theft and fraud where an unauthorized person gains access to someone's account credentials. In fact, the five retailers we analyzed had a total of 1,346,585 customer account credentials compromised in the year 2023. Unfortunately, as we frequently witness, once the attacker gains control of the account, they can exploit it for various malicious purposes, such as financial theft.

Compromised credentials can appear in any number of formats and contexts. Cybersixgill’s Identity Intelligence module arms retailers with a complete and consolidated view of at-risk compromised credentials and access within the attack surface. As a result, their security teams can effectively and proactively manage organizational threat exposure, identify security gaps, and preemptively stop a breach.

The Identity Intelligence module’s key benefits include:

  • Helps mitigate account takeover (ATO) fraud with full visibility into when and where an organization’s customer or employee access credentials are shared, identifying sources of potential leaks or breaches. 

  • Reduces the mean time to detect threats, minimizing the window of opportunity for cybercriminals to weaponize access in attack. 

  • Decreases the number of false positives related to irrelevant credential exposure through easy customizations per each organization’s password policy.

Want to learn how to simplify compromised credential monitoring and gain insights into your organization’s risks and vulnerabilities? Contact us to schedule a demo.

You may also like

Cybersixgill at RSA 2024

April 30, 2024

RSA 2024: Get an Exclusive Look at our NEW Third-Party Intelligence

Read more
Manufacturing workers equipping themselves with threat intelligence

April 26, 2024

Gabi Reish speaks with about threat intelligence and ransomware attacks

Read more
View from the entrance of a tunnel with tracks extending towards a futuristic, dystopian cityscape.

April 19, 2024

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Read more