Security News > 2023 > August > What's the State of Credential theft in 2023?

At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams.

The 2023 Verizon Data Breach Investigations Report revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated.

We'll explore why credential theft is still such an attractive attack route, and look at how IT security teams can fight back in the second half of 2023 and beyond.

One interesting data point was that 50% of all social engineering attacks in 2022 used a technique called 'pretexting' - an invented scenario that tricks a user into giving up their credentials or performing another beneficial action to the attacker.

Through a brute-force attack using stolen credentials, attackers eventually found working passwords and swiftly proceeded to log into customer accounts, potentially accessing stored customer secrets.

More than just a stolen set of credentials, these fingerprints paired with closely-located VPN access that allowed an attacker far greater access than stolen credentials alone can offer.

News URL

https://thehackernews.com/2023/08/whats-state-of-credential-theft-in-2023.html