Your data may be safe on your systems, but, if employee account information is compromised on third party machines, does this present a risk to that data and your business?
Data leaks are, unfortunately, becoming more and more prevalent. With more online services being used daily, often for seemingly innocent, straightforward or non-critical business operations, the opportunities for account information leakage or penetration are multiplying. Does this increase the risk for your organization?
The Adobe Account data leak of over 153 million records, whilst it didn’t give away password data due to custom hashing algorithms, it did identify accounts for employees, using corporate domain names. By simply appearing in data leaks such as this, your employees’ risk of being attacked, through methods such as phishing, can only increase and become likely to be instantly more targeted. And the more targeted any attack, the more difficult its legitimacy is to determine, and therefore the more likely it is to succeed.
We actively monitor a huge number of sources that, when interrogated using a variety of methods, could give an attacker the information they need to craft a sophisticated employee-targeted attack.
Phishd’s services give you the information, the threat intelligence, to be able to make informed decisions, and to identify those employees who have been found in data leaks, and whose information has been made public through this or other means.
Compromised accounts are generally the most commonly traded factor in data leaks, but other pieces of data, such as dates of birth, addresses and contact information could be used with social engineering techniques to gain physical access to your buildings and infrastructure.
We’re always told to use unique passwords for every separate account that we hold – but very often this does not happen, and an identified password in a leaked third party account can lead to access to corporate resources with very little effort on the attacker’s behalf.
Identify employees who have appeared in data leaks
Know whom to target with account password changes
Be kept informed if further third party sites leak account data
Enjoy comprehensively enhanced threat intelligence
Key Service Features
- Actively search for leaked accounts and password data
- Identify the data leak source
- Identify risk factors by individual employees
- Deliver bespoke, timely, detailed reports
- Suggest methods to counter compromised account data
- Integrate with password Audit Service, if required
- Act as a training tool or training aid