Stolen Credentials Cause 75% of Enterprise Breaches

An estimated 75% of enterprise intrusions now originate from compromised identity credentials rather than traditional software vulnerability exploits, according to a recent report. This shift in attack vectors is compelling enterprises to re-evaluate their security posture and invest in new identity and access management tools. The trend highlights a critical change in the cybersecurity landscape, moving the focus from network perimeter defense to identity security.

- Breaches originating from stolen or compromised credentials cost businesses an average of $4.81 million per incident and take an average of 292 days to identify and contain.
- A common tactic is "credential stuffing," where attackers use automated bots to test lists of usernames and passwords from previous data breaches on other websites, capitalizing on password reuse. One study found approximately 15 billion stolen logins circulating from about 100,000 past breaches.
- High-profile attacks in 2023 against MGM Resorts and Caesars Entertainment were initiated through social engineering to steal credentials. The MGM breach led to an estimated $110 million loss, while Caesars reportedly paid a $15 million ransom.
- In October 2023, identity services provider Okta disclosed that attackers used a stolen credential to access its customer support system. The attackers were able to view sensitive files, including session tokens, uploaded by customers, impacting companies like BeyondTrust and Cloudflare.
- Attackers use a variety of methods to steal credentials, including phishing, malware like keyloggers, and intercepting data on unsecured networks (Adversary-in-the-Middle attacks).
- The global Identity and Access Management (IAM) market is projected to grow significantly, with some forecasts predicting it will reach over $77 billion by 2034, driven by the increasing frequency of cyber threats.
- Future identity security trends include a move towards passwordless authentication, such as biometrics, and the adoption of "Zero Trust" architecture, which operates on the principle of "never trust, always verify" for every access request.
- The rise of remote work and Bring Your Own Device (BYOD) policies has expanded the attack surface for credential theft, as personal devices may lack robust security. The 2025 Verizon Data Breach Investigations Report found that 46% of compromised devices with corporate logins were non-managed systems.
