The email and password combinations are being sold on a “closed-access underground forum for Russian-speaking hackers named Exploit.in,” according to ZDNet. The seller did not disclose how he obtained the login credentials, but he claimed to have hundreds of additional accounts to sell.
ZDNet said a cybersecurity source has confirmed the validity of the stolen data. That source has begun the process of notifying all the affected companies.
Scam potential
If corporate executive login credentials fall into the wrong hands, both the executives and their workers could be affected. Cybercriminals can use compromised corporate email credentials for a variety of money-making schemes, KELA Product Manager Raveed Laeb explained to ZDNet.
"Attackers can use them for internal communications as part of a 'CEO scam' - where criminals manipulate employees into wiring them large sums of money; they can be used in order to access sensitive information as part of an extortion scheme,” Laeb said.
Stolen login credentials can also be “exploited in order to gain access to other internal systems that require email-based 2FA, in order to move laterally in the organization and conduct a network intrusion," Laeb added.
To reduce the likelihood of such events unfolding, cybersecurity experts highly recommend using two-step verification or two-factor authentication for online accounts. Attackers won’t be able to do anything with stolen login details in cases where the user has set up 2SV or 2FA.
Share your comments