Employee Hacks Rise Risk

- Social posts highlight rising incidents where employee mistakes and account compromises harm corporate security.
- One post criticized careless staff breaches and pointed to antivirus and account-control gaps as common failure points.
- Those anecdotes underline how human compromise, not just malware, is frequently the entry vector into enterprise environments. (x.com)

Employees and stolen logins are now a leading way into corporate networks, not just malicious software. (verizon.com)

Verizon said its 2025 Data Breach Investigations Report analyzed 22,052 security incidents and 12,195 confirmed breaches, the most in a single edition of the report. Credential abuse accounted for 22% of initial attack vectors, ahead of many malware-driven intrusions. (verizon.com)

Microsoft said in its 2025 Digital Defense Report that identity-based attacks rose 32% in the first half of 2025. The company said cloud identity systems are being targeted through malicious OAuth apps, legacy authentication abuse, and device-code phishing that tricks employees into handing over access. (microsoft.com)

A compromised account is simpler than a smashed firewall: an attacker logs in as a real worker, then moves through email, cloud storage, and internal tools with valid credentials. CISA says multifactor authentication blocks many of these attempts, but weaker forms can still be phished or bypassed. (cisa.gov)

CISA now urges organizations to use phishing-resistant multifactor authentication, the version built around hardware keys or cryptographic sign-ins rather than text codes or app prompts. The agency said older methods can fail in push-bombing, SIM-swap, and adversary-in-the-middle attacks. (cisa.gov)

The cost of these mistakes is not theoretical. IBM said the global average cost of a data breach reached $4.88 million in 2024, based on 604 organizations studied between March 2023 and February 2024. (ibm.com)

IBM also said only 12% of breached organizations in that study had fully recovered more than 100 days after the breach. That means a single stolen password or over-permissioned employee account can produce months of cleanup, legal work, and downtime. (ibm.com)

The practical fixes are old but unevenly deployed: limit account privileges, remove legacy sign-in methods, require stronger authentication, and watch for unusual logins. The thread running through the latest data is that attackers increasingly enter through people who already have the keys. (cisa.gov)
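As an added example (not part of the original briefing), the sketch below shows what "watch for unusual logins" can look like for three of the weaknesses named above: legacy sign-in methods, device-code sign-ins, and push-bombing that ends in an approval. The event schema, field values, and thresholds are assumptions made for illustration, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; the schema (user, time, protocol, grant, mfa) is hypothetical.
EVENTS = [
    {"user": "alice", "time": "2025-03-01T09:00:00", "protocol": "modern", "grant": "auth_code", "mfa": "fido2_ok"},
    {"user": "bob", "time": "2025-03-01T02:10:00", "protocol": "modern", "grant": "auth_code", "mfa": "push_denied"},
    {"user": "bob", "time": "2025-03-01T02:11:00", "protocol": "modern", "grant": "auth_code", "mfa": "push_denied"},
    {"user": "bob", "time": "2025-03-01T02:12:00", "protocol": "modern", "grant": "auth_code", "mfa": "push_denied"},
    {"user": "bob", "time": "2025-03-01T02:13:00", "protocol": "modern", "grant": "auth_code", "mfa": "push_approved"},
    {"user": "carol", "time": "2025-03-01T11:30:00", "protocol": "imap_basic", "grant": "password", "mfa": "none"},
    {"user": "dave", "time": "2025-03-01T14:05:00", "protocol": "modern", "grant": "device_code", "mfa": "push_approved"},
    {"user": "erin", "time": "2025-03-01T08:00:00", "protocol": "modern", "grant": "auth_code", "mfa": "push_denied"},
    {"user": "erin", "time": "2025-03-01T16:00:00", "protocol": "modern", "grant": "auth_code", "mfa": "push_approved"},
]

LEGACY = {"imap_basic", "pop3_basic", "smtp_basic"}  # assumed labels for legacy sign-in
PUSH_WINDOW = timedelta(minutes=10)  # assumed sliding window for counting denials
PUSH_DENIALS = 3  # denials inside the window before an approval counts as push-bombing


def review_signins(events):
    """Return sorted (user, finding) pairs for sign-ins worth an analyst's attention."""
    findings = set()
    denials = defaultdict(list)  # user -> times of recent denied pushes
    for ev in sorted(events, key=lambda e: e["time"]):
        user, when = ev["user"], datetime.fromisoformat(ev["time"])
        if ev["protocol"] in LEGACY:
            findings.add((user, "legacy_auth"))
        if ev["grant"] == "device_code":
            findings.add((user, "device_code_flow"))
        # Keep only denials still inside the sliding window.
        denials[user] = [t for t in denials[user] if when - t <= PUSH_WINDOW]
        if ev["mfa"] == "push_denied":
            denials[user].append(when)
        elif ev["mfa"] == "push_approved":
            if len(denials[user]) >= PUSH_DENIALS:
                findings.add((user, "push_bombing_then_approval"))
            denials[user].clear()
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in review_signins(EVENTS):
        print(f"{user}: {finding}")
```

A single denied prompt followed hours later by an approval (the "erin" events) is deliberately not flagged; only a burst of denials inside the window followed by an approval is.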
