67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are weak.The Expanding Identity Exposure SurfaceThe 2026 report highlights a central shift in identity threats and underscores the need for continuous identity threat protection across both human and machine identities. Attackers are combining breach data, phishing captures, malware logs, session tokens, and machine credentials to construct composite identity profiles that fuel everything from session hijacking and ransomware to supply chain compromise.As organizations accelerate cloud adoption and embed AI tools across workflows, machine identities are becoming deeply integrated into critical systems. The theft of these credentials and authentication tokens can create downstream ripple effects far beyond a single compromised account.”The challenge isn’t just stopping phishing or malware,” Hilligoss added. “It’s understanding how exposed identities connect across systems, vendors, and automation workflows.” He continues, “SpyCloud has recaptured nearly one trillion stolen identity assets in our 10 years of disrupting cybercrime. It’s the basis of our insights on the evolution of identity sprawl and the ways in which bad actors aim to weaponize data against individuals and businesses. But there is good news for defenders. When organizations continuously monitor exposure and build in automated remediation workflows we’ve seen how that can significantly shrink the attacker’s window of opportunity, and that’s a win worth fighting for.”Full report and in-depth analysis available here.About SpyCloudSpyCloud transforms recaptured darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage advanced analytics and AI to proactively prevent ransomware and account takeover, detect insider threats, safeguard employee and consumer identities, and accelerate cybercrime investigations. SpyCloud’s data from breaches, malware-infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include seven of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now. To learn more and see insights on your company’s exposed data, users can visit spycloud.com.
Contact
Katie HanusikREQ on behalf of SpyCloudspycloud@req.co
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4147970/spyclouds-2026-identity-exposure-report-reveals-explosion-of-non-human-identity-theft.html
