Cyber thieves can get in, steal valuable data, and get out without being undetected.
While hackers have always been interested in hoarding stolen credentials and using them for later attacks, the DBIR team sees this as a new potent threat action. In other words, right now there are thousands of botnets and other malware agents probing your IT systems and applying these existing passwords, hoping to get a match. Based on the DBIR stats, their efforts are paying off. Since hackers already have employee passwords, they can easily impersonate employee insiders, looking for and stealing valuable files and emails from behind corporate firewalls.