Fortune 500 Employees’ Credentials Under Siege
文章指出,财富500强企业面临严重的网络安全威胁,过去三年中超过300万个企业账户被泄露。员工账户成为主要攻击目标,每个受损账户平均被发现5.7次。银行、公用事业、电信等行业的风险最高。恶意软件如Redline和Raccoon被广泛用于窃取凭证并绕过多因素认证。建议企业实施实时监控、零信任模型和员工安全培训以应对威胁。 2025-2-11 18:15:44 Author: securityboulevard.com(查看原文) 阅读量:3 收藏

A backbone of the global economy, Fortune 500 companies employ over 31 million individuals worldwide. However, these businesses face an escalating cybersecurity crisis as cybercriminals increasingly target employee-linked accounts. According to Enzoic’s latest research, cybercriminals have exposed more than three million corporate accounts over the past three years.

Scale of the Threat for Fortune 500 employees

Enzoic’s data indicates that 1 in 10 Fortune 500 employees had their credentials exposed during this period. Compounding the risk, each compromised account was found an average of 5.7 times across different breach datasets. The ongoing cycle of credential reuse and repackaging by cybercriminals significantly heightens the threat of account takeovers (ATO), fraud, and ransomware attacks.

Industries Within the Fortune 500 Most at Risk

Ten major Fortune 500 sectors experienced a significant increase in account compromises, with staggering increases in:

Techstrong Gang Youtube

AWS Hub

  • Commercial Banks & Utilities – Nearly 120,000 newly compromised accounts in 2024, making them high-value targets due to financial and infrastructure vulnerabilities.
  • Telecommunications – A quadrupling of exposed accounts over three years, putting critical digital infrastructure at risk.
  • Internet Services & Retailing – Consistently among the most targeted sectors due to their extensive digital footprints and high-volume user data.

The Rise of Infostealer Malware Affecting Fortune 500 Companies

One of the most alarming trends fueling this crisis is the widespread adoption of infostealer malware. Threat actors leverage sophisticated strains such as Redline, Raccoon, and Vidar to automatically harvest credentials from infected devices. These malware families have proven effective in capturing digital fingerprints and session cookies that can help bypass traditional multi-factor authentication, making credential monitoring and continuous threat intelligence critical for risk mitigation.

Cybersecurity Strategies to Mitigate Risks

With infostealer malware on the rise and credential compromise becoming more widespread, organizations must adopt proactive security strategies:

  • Continuous Credential Screening – Implementing real-time monitoring solutions to detect exposed credentials before they are exploited.
  • Zero-Trust Security Models – Reducing reliance on passwords alone and strengthening authentication measures.
  • Employee Cyber Hygiene Education – Training employees to recognize security threats, avoid using corporate emails for personal accounts, and avoid reusing passwords across accounts.

Enzoic’s findings highlight that credential compromise is a growing threat. Businesses must move beyond reactive security measures and implement proactive defenses. For an in-depth look at these findings, access the full Fortune 500 Employee-Linked Account Exposure Report.

*** This is a Security Bloggers Network syndicated blog from Blog | Enzoic authored by Enzoic. Read the original post at: https://www.enzoic.com/blog/fortune-500-employees-credentials/


文章来源: https://securityboulevard.com/2025/02/fortune-500-employees-credentials-under-siege/
如有侵权请联系:admin#unsafe.sh