Millions of possible telecom employees' passwords leaked online
Employees at Fortune 1000 telecommunications companies are some of the most exposed on dark web sites, according to a report released Tuesday.
What's happening: Researchers at threat intelligence firm SpyCloud found 6.34 million pairs of credentials — including corporate email addresses and passwords — that likely belong to telecommunications company employees.
- Those 6.34 million credentials spanned just nine Fortune 1000 telecom companies. That's an "extreme" rate compared to other sectors, the report notes.
- In comparison, SpyCloud discovered 7.52 million pairs of credentials belonging to tech sector employees — but those employee logins spanned 167 Fortune 1000 companies.
Why it matters: Telecommunications companies remain ripe targets for malicious hackers eager to steal customers' sensitive phone and financial data.
- Yet these companies struggle compared to other high-risk sectors to keep their systems secured due to poor vendor security.
- Last week, T-Mobile disclosed its second data breach in 2023 alone.
The big picture: Hackers still have a lot of success using simple techniques — such as relying on stolen passwords or tricking individual employees into sharing their passwords — to launch impactful attacks.
- A breach at Uber last fall started with hackers targeting employees by posing as someone from the IT team and sending repeated multifactor authentication requests until an employee approved them.
- Ransomware attackers gained access to Colonial Pipeline's online systems in May 2021 using a former employee's leaked password.
Yes, but: Not every pair of credentials will still work, according to SpyCloud's report.
- But "the ones that do match or even have a partial match represent substantial risk for these enterprises," the report says.
Sign up for Axios’ cybersecurity newsletter Codebook here