Millions of possible telecom employees' passwords leaked online

Employees at Fortune 1000 telecommunications companies are some of the most exposed on dark web sites, according to a report released Tuesday.

What's happening: Researchers at threat intelligence firm SpyCloud found 6.34 million pairs of credentials — including corporate email addresses and passwords — that likely belong to telecommunications company employees.

• Those 6.34 million credentials spanned just nine Fortune 1000 telecom companies. That's an "extreme" rate compared to other sectors, the report notes.
• In comparison, SpyCloud discovered 7.52 million pairs of credentials belonging to tech sector employees — but those employee logins spanned 167 Fortune 1000 companies.

Why it matters: Telecommunications companies remain ripe targets for malicious hackers eager to steal customers' sensitive phone and financial data.

• Yet these companies struggle compared to other high-risk sectors to keep their systems secured due to poor vendor security.
• Last week, T-Mobile disclosed its second data breach in 2023 alone.

The big picture: Hackers still have a lot of success using simple techniques — such as relying on stolen passwords or tricking individual employees into sharing their passwords — to launch impactful attacks.

• A breach at Uber last fall started with hackers targeting employees by posing as someone from the IT team and sending repeated multifactor authentication requests until an employee approved them.
• Ransomware attackers gained access to Colonial Pipeline's online systems in May 2021 using a former employee's leaked password.

Yes, but: Not every pair of credentials will still work, according to SpyCloud's report.

• But "the ones that do match or even have a partial match represent substantial risk for these enterprises," the report says.

Sign up for Axios’ cybersecurity newsletter Codebook here