Please fill in the form below to subscribe to our blog

Hackers Leaked 22 Billion Records on the Dark Web in 2020

January 18, 2021
records on the dark web represented by hackers with big hats and laptops in a cartoon style

Is Your Business in Danger From Bad Actors Dropping 22 Billion Records on the Dark Web in 2020?


Dark Web risk is a constantly growing threat for businesses, and that danger increases every year as more treasure troves of information that bad actors can use to facilitate cyberattacks land on the Dark Web. Experts estimate that hackers dropped over 22 billion records on the Dark Web in 2020, and vast new stores have been added in 2021. That data is a threat to businesses because it powers a wide array of cybercrime, but you can take precautions to lower your risk quickly and affordably.


global year in breach depicted as a printed report.

Give your clients the cold, hard facts that tell the tale of exactly how much danger their business is in. GET THIS FREE BOOK>>


22 Billion New Records in 2020 Added 22 Billion Sources of Trouble


The Dark Web already contained billions of pieces of information that hackers could use to fuel cyberattacks – an estimated 60% of the information that was on the pre-pandemic Dark Web could harm businesses. That percentage is climbing fast, and will continue to grow as the fallout from a record number of data breaches in 2020 is calculated.

  • The addition of 22 billion new records in 2020, including records from major breaches at Netflix, Accellion, Blackbaud and others amps that danger up.
  • In early 2021, the famed “Compilation of Many Breaches,” or COMB, added a collection of 3.2 billion email and password pairs to the dark web
  • The RockYou2021 password leak added a vast pool of more than 8 billion fresh stolen credentials to the mix.
  • More than 60% of data breaches in 2020 enabled cybercriminals to obtain stolen credentials – and up to 90% in some industries!

Is your email domain protected against phishing? Are your customers? Find out now with the Graphus Domain Checker. CHECK NOW>>


How Stolen Records Are a Threat to Your Business


You may not think that your business could be in danger of a cyberattack from information that was collected from other companies or non-business sources, but you’d be wrong.  In the 2021 Data Breach Investigations Report, Verizon researchers noted that approximately 60% of data breaches involve the improper use of credentials. Credentials were the top type of information stolen in data breaches worldwide in 2020 about 60% of North American breaches, 90% of APAC region breaches and 70% of EMEA breaches.

 These hefty collections of credentials can be used to power a variety of nasty cyberattacks including:


ransomware defense can be complicated by cryptocurrency risk

See how ransomware really works, who gets paid & what’s next in our tell-all Ransomware Exposed! DOWNLOAD IT>>


Bad Password Habits Lead to Big Trouble


 Bad password habits plague companies at every level, causing unnecessary danger that can lead to cybersecurity disasters. Credentials for higher-level users like administrators and executive accounts are especially prized for their elevated user privileges in company systems as well as their credibility when conducting business email compromise schemes. In a study of Fortune 100 companies, researchers determined that a whopping 76% of employees and executives at the world’s largest companies are reusing passwords across personal and professional accounts.  

You need to be alert to the possibility of increased cyberattack danger that is created by a huge influx of new data like this that can enable cybercriminals to strike at your business quickly because employees don’t take it seriously and that can be a disaster. In a 2020 survey, although 91% of employees said they understood the risk of password reuse, 59% admitted to doing it anyway. These things happen at companies of every size in every industry. Not only do  48% of workers use the same passwords in both their personal and work accounts, but the average person also recycles a favorite password 14 times!

Combine that nonchalance about password hygiene with the complications that arise from supporting a remote workforce and the problem is compounded.  A whopping 60% of respondents in a survey of IT professionals said that they knew with certaity that their organization had experienced a password recycling/reuse/iteration-related security breach in 2020. Every business needs to take sensible precautions to reduce their risk of trouble – and we can help. 


malicious insider threats can include cryptocurrency risk represented by a crime comic style blue eye looking through a peephole.

Use our Cybersecurity Risk Protection Checklist to find vulnerabilities before the bad guys do! GET IT>>


Stop Trouble Before It Starts


Keeping an eye on dark web activity that involves your business is a smart way to prevent unpleasant surprises. Why? Because huge caches of passwords are regularly snatched by bad actors as part of their data theft schemes, making credential compromise related to dark web data one of the major threats to your business. In a challenging economy, even cybercriminals have to work a little harder, and that’s reflected in the booming business in data on the Dark Web.

The strong solutions in the ID Agent Digital Risk Protection Platform enable you to protect your systems and data from hackers by stopping cybercriminals before they can start making trouble.

  • Dark Web ID – Don’t let cybercriminals sneak into your network with a compromised credential. Up to 80% of data breaches involve credential compromise. Make sure yours aren’t available with 24/7/365 human and machine-powered always-on dark wen monitoring that alerts you to trouble fast. 
  • Passly – Secure identity and access management with multifactor authentication is a must-have to take the power out of a filched password. Multifactor authentication alone adds an extra layer of protection between hackers and your valuable data, stopping 99% of password-based cybercrime. Plus, automated password resets make everyone’s life a little bit better. 
  • BullPhish ID – Protecting a business from cybercrime starts with protecting it from phishing. An estimated 65% of cybercriminals use phishing as their primary method of attack. The new BullPhish ID enables trainers to either use create their own custom content or choose a  premade phishing simulator kit in 8 languages, with new content added monthly to make sure everyone is up to speed on the latest threats.