13 December 2017
visit www.avoka.com

Banks are top targets for employee credential thieves

29 November 2017  |  5577 views  |  0 Login detail

The banking sector accounts for nearly a quarter of all exposed employee IDs and passwords at FTSE 100 companies, according to analysis from cyber security firm Anomali.

With the Equifax and Deloitte hacks fresh in the memory, Anomali scoured the dark web and hacker forums, finding 16,583 credential exposures related to FTSE 100 firms, up from just 5275 a year before.

More than three quarters of all 100 FTSE members were exposed, with an average of 218 usernames and password stolen, published or sold per company.

The banking sector was hardest hit, accounting for 23% of the total exposed credentials, ahead of the energy, oil and gas, and consumer goods sectors.

Colby DeRodeff, co-founder, Anomali, says: "Security issues are exacerbated by employees using their work credentials for less secure non-work purposes. Employees should be reminded of the dangers of logging into non-corporate websites with work email addresses and passwords."

Anomali also found 438 suspicious domain registrations linked to FTSE 100 members, with 82 firms having at least one. Again, the banking sector is the top target, with 83 registrations, more than double the next industry, energy.

"Monitoring domain registrations is a critical practice for businesses to understand how they might be targeted and by whom. A threat intelligence platform can aid companies with identifying what other domains the registrant might have created and all the IPs associated with each domain," says DeRodeff.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Equifax profits dive on data breach costs

Equifax profits dive on data breach costs

10 November 2017  |  6260 views  |  0 comments | 5 tweets | 1 linkedin
SEC data breach: hackers accessed personal information

SEC data breach: hackers accessed personal information

02 October 2017  |  5853 views  |  0 comments | 2 tweets | 1 linkedin
Financial sector breaches skyrocket in 2016

Financial sector breaches skyrocket in 2016

28 April 2017  |  10948 views  |  0 comments | 20 tweets | 33 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.response.ncr.comvisit www.solutions.lexisnexis.comvisit www.aciworldwide.com

Top topics

Most viewed Most shared
Saxo Bank's 'Outrageous Prediction': Bitcoin to peak at $60k next year before spectacular crashSaxo Bank's 'Outrageous Prediction': Bitco...
12121 views comments | 7 tweets | 7 linkedin
Deutsche Bank paper hails 'huge' blockchain potentialDeutsche Bank paper hails 'huge' blockchai...
9301 views comments | 16 tweets | 22 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
7883 views comments | 17 tweets | 35 linkedin
Santander UK poaches Barclays innovation chief Michael HarteSantander UK poaches Barclays innovation c...
7325 views comments | 8 tweets | 17 linkedin
Alior Bank to use Open API platform and accelerator to create fintech marketplaceAlior Bank to use Open API platform and ac...
7159 views comments | 20 tweets | 11 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job