Please fill in the form below to subscribe to our blog

Massive Dark Web Dump Exposes Thousands of Passwords

April 30, 2020
a black laptop screen with a yellow skull and crossbones and the words dark web

Dark Web Data Dumps Create Huge Risk for Every Business


Dark Web markets are buzzing from a large dump of nearly 25,000 email addresses and passwords from major sources, and potentially much more compromising information that could inflict serious damage. The credentials are reputed to be from public-health focused organizations including the World Health Organization, The Gates Foundation, the US National Institutes of Health, and similar agencies.


Big Agencies Have Big Password Problems


Even though these credentials are not thought to be new, cybercriminals can leverage this information to improve the accuracy of future attacks. WHO announced last week that cyberattacks against it have increased fivefold since the onset of the COVID-19 pandemic. Many of the attackers are looking to steal information about COVID-19 research and vaccine development to sell or trade for profit to corporate or intelligence community buyers.    

Even though password security is a well-known risk, many agencies have failed to take it seriously, continuing to use outdated tools and sloppy handling habits – an expert found that 48 passwords from the WHO dump were “password”!  



Protect Your Passwords


So how can companies prevent bad actors from using stolen login credentials against them? By employing a combination of two of our award-winning tools, companies can mitigate the risk of compromise that can come from a Dark Web password dump like this one.  

  1. Multifactor authentication is essential. There’s a reason why most agencies and organizations that handle sensitive data use multifactor authentication – it works. Employing a secure identity access and management solution like Passly means that even if passwords are compromised in a dump, cybercriminals won’t get much use out of them. SEE A VIDEO DEMO OF PASSLY>>
  1. Dark Web monitoring provides an invaluable warning. This was a major league password dump, so it made the news. Smaller dumps occur every day, and your company’s credentials could already be in one. Find out if your company’s passwords are sitting around waiting for cybercriminals to find them with Dark Web ID. Our award-winning Dark Web monitoring solution is on duty 24/7/365, using real-time, analyst verified data to alert you immediately if your credentials hit the dark Web. SEE A VIDEO DEMO OF DARK WEB ID>>

These solutions seamlessly work together to boost your cybersecurity both immediately and over time, packing a one-two punch that keeps cybercriminals away from your data and systems effectively and affordably – because no one can afford a cybersecurity disaster right now. SCHEDULE A DEMO OF DARK WEB ID OR PASSLY>>>