Your Login Credentials are Keys to the Kingdom for Hackers
A recent study published by Google estimates that 1.5% of all login credentials used across the web have been compromised in data breaches and are vulnerable to credential stuffing attacks.
Google has conducted the study based on the information collected from the users of their Password Checkup extension for Chrome. Password Checkup checks the login credentials entered by users against a database containing over 4 billion records that were leaked in previous data breaches. Statistics collected during a period of one month between February 5–March 4, 2019, revealed that out of 21 million credentials that were scanned, approximately 1.5% (316,000 credentials) were already compromised in data breaches. These statistics show that only 26% of the users who were notified about the compromised passwords, executed password reset and only 60% of the new passwords are secure against credential stuffing attacks.