.png?height=120&name=Orpheus-Logo-Landscape%20(2).png){kind=logo}
Breached credentials are compromised user accounts information, such as usernames, passwords, and personal data, that are sold or traded on the dark web.
Breached credentials refer to user account information that has been compromised in a data breach. This information may include usernames, passwords, email addresses, and other personal data. When these credentials are obtained by cybercriminals, they can be sold or traded on the dark web.
On the dark web, cybercriminals can purchase breached credentials and use them for a variety of malicious purposes, such as:
- Credential stuffing: This is a type of cyberattack in which a cybercriminal uses a large collection of breached credentials to try and gain access to multiple user accounts.
- Identity theft: By using breached credentials, cybercriminals can assume the identity of the account owner and carry out fraudulent activities.
- Phishing attacks: Cybercriminals can use breached credentials to send phishing emails or messages, which appear to be from a legitimate source, to steal more personal information or login credentials.
- Blackmail or extortion: Cybercriminals can use compromised personal information to blackmail or extort victims for financial gain.
If we identify that you have breached credentials on the dark web you should take the following actions:
- Change passwords on the affected accounts
- Enable MFA wherever possible
- Consult with an incident response firm if you were not aware that you had experienced a data breach
- Review password strategies that can help your organisation remain secure, from technical defences to helping your users manage their passwords.