New service leverages database of 15 billion breached credentials to remove the time spent triaging invalid or duplicate entries
Digital Shadows, the leader in digital risk protection, has announced new capabilities within its SearchLight™ solution to enable organizations to track whether credentials exposed in data breaches are ‘valid’ and hence a current risk. The near real-time credential alert uses the Digital Shadows database of some 15 billion breached credentials and maintains a history of whether credentials (usernames and passwords) have been seen before or previously remediated so that organizations can see instantly whether they can still be exploited by criminals to infiltrate accounts and systems.
Last week, Digital Shadows revealed that it has alerted clients to 27.3 million username and password combinations in the last 18 months. It also warned that access to organizations’ key systems trade at a significant premium. Usernames with “invoice” or “invoices” as well as “payments” and “partners” are actively sought by cyber criminals. Domain admin access is currently advertised by cyber criminals with prices ranging from $500 to $120,000.
Digital Shadows SearchLight™ has the most comprehensive collection mechanism in the market to combat this threat, continuously searching across criminal forums, paste sites, dark web pages, and code-sharing sites. This has detected more than 15 billion credentials to date, and this number continues to rise. Given credential breaches are common and password reuse is rife, often organizations lack visibility of who has been impacted – and the extent of the impact this has on the business.
