Credential Theft is the #1 Cause of Data Breaches! Here's How to Protect Your Company

For four years in a row, Verizon's Data Breach Investigations Report has found that compromised credentials are the top cause of data breaches.

This tells us a couple of things. Firstly, cybercriminals clearly favour stolen credentials as their way in to data. Secondly, businesses are failing to do anything about it!

Despite the warnings that compromised credentials are a cyber security threat, many companies have lax password policies – or no policies at all!

Below, we’ll explore what credential theft is and how to protect your company.

What is credential theft?

Credential theft is a form of cybercrime in which malicious actors steal a victim’s login credentials. These can be for any number of accounts – such as Microsoft Office 365, Slack or DocuSign.

Armed with these details, they can log in to the account and take several malicious actions. They could, for example, impersonate the account owner to gather sensitive information, steal sensitive files directly from the account, or even use the account to deliver malware.

Some of the most significant data breaches of our time have resulted from credential theft, including the Equifax breach and the Yahoo hacks.

How do cybercriminals find these credentials?

A successful credential theft attack depends entirely on a cybercriminal gaining access to your – or your employees’ – login credentials. In our hyperconnected world, this isn’t hard to do. Data breaches like Equifax and Yahoo mean that the details of millions of people are up for grabs on the dark web – including email addresses, passwords, financial information and more.

Hackers can buy this information for a small price and then use it as the basis for credential compromise. As a side note, if you want to check whether your data has been exposed, consider using a website like Have I Been Pwned (HIBP), which lets you see whether your email address has appeared in a known data breach.

There are other ways hackers can get their hands on your details. A successful phishing attack, for example, enables criminals to collect sensitive data from their victims, which can then be used to log in to their accounts illicitly. 

Other times, if you have an easy-to-guess password like ‘12345’ or ‘qwerty’, a hacker could simply break into your account without doing any digging at all – they would only need to know your email address.

Remember, too, that with the rise of professional and social networking sites like LinkedIn, email addresses are often publicly visible these days.

How to prevent credential theft

The good news is that there are a few simple steps your company can take to reduce the risk of successful credential compromise.

1. Enable multi-factor authentication 

All of your employees should use multi-factor authentication to log in to their corporate accounts. This reduces the risk of credential compromise by requiring employees to prove who they are with more than a password: in addition to it, they will have to enter a code sent by text message, or follow a link sent by email, in order to log in.

2. Update passwords regularly 

Your employees should not keep the same password for more than six weeks. You can use tools that enforce password changes on corporate devices after a given time period.

3. Have strict password policies 

Your people should use a unique password for every account. As well as this, passwords should be complex and difficult to guess – using a mixture of upper-case letters, lower-case letters, numbers and special characters.
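As an added example (not from the original post or GKM2), here is a Python check that applies the policy from step 3 and the earlier Have I Been Pwned point to a candidate password: it enforces the character mix and a minimum length, rejects the easy guesses named above, and checks the password against a breach corpus using a hash-prefix range lookup modelled on HIBP's Pwned Passwords service, so the password itself never leaves the client. The deny-list, the corpus and its counts are constructed for the example, and the 12-character minimum is an assumption, since the post gives no minimum length.

```python
import hashlib
import re

# Constructed deny-list; the post names '12345' and 'qwerty' as easy guesses.
COMMON_PASSWORDS = {"12345", "123456", "qwerty", "password", "letmein"}
# One regex per character class the policy requires, with the message to emit.
CHARACTER_RULES = (
    (r"[A-Z]", "no upper-case letter"),
    (r"[a-z]", "no lower-case letter"),
    (r"[0-9]", "no number"),
    (r"[^A-Za-z0-9]", "no special character"),
)

def check_complexity(password, min_length=12):
    """Return the policy violations; an empty list means the password passes.
    The 12-character minimum is an assumption, not a figure from the post."""
    problems = [msg for pattern, msg in CHARACTER_RULES
                if not re.search(pattern, password)]
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("appears on the common-password list")
    return problems

def breach_count(password, range_lookup):
    """How often the password appears in a breach corpus, without disclosing it:
    only the first five hex chars of its SHA-1 are sent; the match is made locally."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    prefix, suffix = digest[:5], digest[5:]
    for line in range_lookup(prefix).splitlines():   # lines are 'SUFFIX:COUNT'
        found_suffix, count = line.split(":")
        if found_suffix == suffix:
            return int(count)
    return 0

def constructed_range_lookup(prefix):
    """Stand-in for the remote range query: a tiny corpus built from two weak
    passwords with made-up counts (constructed, not real breach data)."""
    corpus = {}
    for weak_pw, count in (("qwerty", 1000), ("12345", 250)):
        h = hashlib.sha1(weak_pw.encode("utf-8")).hexdigest().upper()
        corpus.setdefault(h[:5], []).append(f"{h[5:]}:{count}")
    return "\n".join(corpus.get(prefix, []))

def evaluate_password(password, range_lookup=constructed_range_lookup):
    """Combine the policy check and the breach check into one list of findings."""
    problems = check_complexity(password)
    seen = breach_count(password, range_lookup)
    if seen:
        problems.append(f"seen {seen} times in the breach corpus")
    return problems
```

In a real deployment, `range_lookup` would perform the remote prefix query and the deny-list would be a full common-password list; the checking logic stays the same.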

4. Follow privileged access management protocols

It is best to have dedicated protocols in place for users with privileged accounts. If you’re not sure where to start, speak to our IT team, who will be happy to give you an overview of what a privileged account management process should look like.

5. Train your employees

Empower your employees to spot and flag phishing attacks rather than falling victim to them. We advise hosting regular training sessions that educate your people on what phishing attacks look like, the most common scams, and the company protocol for handling any message that seems suspicious.

Ultimately, there’s always a chance that cybercriminals might get their hands on your employees’ credentials. However, that doesn’t have to mean you end up in a data breach. With a few proactive policies around credentials management, you can boost your company’s cyber resilience and make your passwords much harder to crack. 

Schedule a Security Review Today!

Don’t be in the dark about your cyber security defences. GKM2 can assist your Sydney-area business by reviewing your IT security strategy and letting you know of any weaknesses that could leave your company at risk.

Contact us today to learn more. Call +61 2 9161 7171 or reach out online.