With 15,000 leaked credentials publicly available online, UAE tops the list of countries most affected, according to according to cyber situational awareness company Digital Shadows’ latest research report.
Next on the list was KSA with 3360, Kuwait with 203 and Qatar by 99 leaks. These numbers might look small in comparison to the global figures but it is due to the lower percentage of organisations that are in the Middle East. In the Middle East, the technology industry seems to be far more exposed than other on the list, such as financial services, chemicals and oil and gas.
Chris Brown, Digital Shadows VP for EMEA and APJ, said these data breaches are now the norm of the region.
With credentials for over 5.5 million employees of the world’s largest companies, listed on the Forbes Global 2000, having been found online and with 97 per cent suffered from credential compromise.
“It is clear that, irrespective of size, industry or geography, the vast majority of organisations have credentials exposed online. Compromised credentials hold significant value for cybercriminals as the information can be used for botnet spam lists, extortion attempts, spear-phishing and account takeover,” he said.
The biggest breaches were from social media platforms such as LinkedIn, MySpace and Tumblr with 30%, 21% and 8% of the total credentials.
“In order for organisations to prepare themselves for the inevitable data breach they need to first understand the impact of a breach and what they can do to prepare their employees and business for credential compromise,” Brown said.
Organisations should not just be resetting passwords. They must figure out a way to know whether the a breach contains information is unique, re-posted, or outdated. 10 per cent of the 5 million leaked credentials in the report were actually duplicates which can cause even more confusion for an organisation that has suffered a breach.