VendorsSpyCloud
SpyCloud
Cybersecurity reports and statistics published by SpyCloud
8 categories2 reports
Research Reports
Reports and publications from SpyCloud
Recent Statistics & Reports
Under holistic identity matching, the average exposure for a single consumer identity shows 229 records per customer, 52 unique usernames, 105 total usernames, 27 unique emails, 125 total emails, 227 credential pairs, and 9 unique sources.
4/8/2025•
ExposureRecordsCredentials
SpyCloud recaptured 44.8 billion PII assets in 2024, a 39% increase from 32.22 billion in 2023. This included 4.4 billion full names, 2.8 billion phone numbers, 42.97 million passport & driver's license numbers (a 168% increase from 2023), 36.97 million credit card numbers, and 3.05 billion Social Security & national ID numbers
4/8/2025•
PIIPersonal information
An average of 1,861 cookies were harvested per malware infection.
4/8/2025•
MalwareCookies
64% of the phished records contained location data, mostly in the form of IP addresses.
4/8/2025•
PhishingRecordsLocation
SpyCloud recaptured 3,562 third-party breach records in 2024. These third-party breaches amounted to 7.6+ billion breach records.
4/8/2025•
BreachThird-partyRecords
142.27 million individuals had a password exposed in 2024, a 125% increase from 2023.
4/8/2025•
CredentialsPasswordExposure
Endpoint Detection and Antivirus Solutions miss 66% of malware infections.
4/8/2025•
EDREndpoint detectionAV
Nearly one in two corporate users were already the victim of a malware infection in 2024.
4/8/2025•
Malware
In the year prior to 2024, malware was the cause of 61% of all breaches.
4/8/2025•
MalwareBreaches
SpyCloud's research shows that 66% of malware infections occur on devices with endpoint security solutions installed.
4/8/2025•
MalwareEndpoint protectionEndpoint
97% of the phished records SpyCloud collected in 2024 contain at least one email address.
4/8/2025•
PhishingRecordsEmail address
17.3 billion cookies were siphoned by malware.
4/8/2025•
MalwareCookies
SpyCloud's 2024 research reveals the staggering scale of exposed credentials circulating within the criminal underground: 3.1+ billion total passwords recaptured.
4/8/2025•
CredentialsCriminal undergroundDark web
About one in every two corporate users was already the victim of an infostealer infection on a personal or corporate system in 2024.
4/8/2025•
MalwareInfostealer
The average exposure for a single employee identity in 2024, under a traditional exposure model, shows 11 records per employee, 1 unique username, 1 total username, 1 unique email, 11 total emails, 7 credential pairs, and 7 unique sources (breach, malware, or phish).
4/8/2025•
ExposureRecordsCredentials
There was an average of 44 exposed credentials per malware infection.
4/8/2025•
MalwareCredentialsExposure
On average, a single malware infection could expose access to 10 to 25 third-party business applications.
4/8/2025•
MalwareThird-partyThird-party app
By using holistic identity matching for an individual employee, the average exposure increases to 146 records per employee, 22 unique usernames, 13 total usernames, 89 unique emails, 141 total emails, 57 credential pairs, and 8 unique sources. This represents more than 12x the exposed data compared to the traditional view.
4/8/2025•
ExposureRecordsCredentials
There were 2.2 billion credential pairs (username/email + password) recaptured.
4/8/2025•
CredentialsCriminal undergroundDark web
74% of recaptured consumer records contain a physical or IP address.
4/8/2025•
ExposureRecordsAddress
Showing 21-40 of 41 results