FTSE 100 company employee credentials leak
Data Leak
Summary
Hide ▲
Show ▼
A leak of 460,000 compromised credentials tied to FTSE 100 company employees has surfaced on clear and dark web criminal channels, raising account-takeover and breach risk across the UK’s largest firms. The exposure includes as many as 45,000 leaked credentials at a single company and more than 10,000 each at 15 companies, with financial services (70,000+) especially affected. Researchers also found 28,000 corporate credentials in stealer logs, suggesting the true exposure may be larger because additional stolen credentials can remain unseen, sold, or actively used.
Related Happenings
FIFA logins traded on dark-web markets
Data Leak
First: 27.05.2026 14:28
Last: 27.05.2026 14:28
Sources 1
About this happening:
Around **2,500 FIFA logins** have surfaced on **dark-web markets**, turning stolen credentials into an active exposure that can fuel account abuse and downstream fraud. The leak i...
FIFA logins traded on dark-web markets
Data LeakAbout this happening: Around **2,500 FIFA logins** have surfaced on **dark-web markets**, turning stolen credentials into an active exposure that can fuel account abuse and downstream fraud. The leak i...
UK employees at large firms selling corporate credentials over the past year
Target Trend
First: 06.05.2026 11:40
Last: 06.05.2026 11:40
Sources 1
About this happening:
**UK employees** at **large firms** are continuing to sell corporate credentials, with a survey finding **13%** admitted doing so or knew someone who had over the **past 12 months...
UK employees at large firms selling corporate credentials over the past year
Target TrendAbout this happening: **UK employees** at **large firms** are continuing to sell corporate credentials, with a survey finding **13%** admitted doing so or knew someone who had over the **past 12 months...
ShellForce-affiliated leak site publishes stolen identity, corporate, and résumé records
Data Leak
First: 09.02.2026 23:14
Last: 09.02.2026 23:14
Sources 1
About this happening:
A **ShellForce**-affiliated leak site is publicly posting **stolen identity records**, **corporate data**, and **résumé databases**, turning intrusions into immediate exposure ris...
ShellForce-affiliated leak site publishes stolen identity, corporate, and résumé records
Data LeakAbout this happening: A **ShellForce**-affiliated leak site is publicly posting **stolen identity records**, **corporate data**, and **résumé databases**, turning intrusions into immediate exposure ris...
Docker Hub container images leaking secrets across more than 100 organizations
Data Leak
First: 04.02.2026 17:05
Last: 04.02.2026 17:05
Sources 1
About this happening:
Researchers uncovered **more than 10,000 Docker Hub container images** leaking **production API keys, cloud tokens, CI/CD credentials, and AI model access tokens**, putting secret...
Docker Hub container images leaking secrets across more than 100 organizations
Data LeakAbout this happening: Researchers uncovered **more than 10,000 Docker Hub container images** leaking **production API keys, cloud tokens, CI/CD credentials, and AI model access tokens**, putting secret...
LastPass customer password vault backups exposed
Data Leak
First: 05.01.2026 11:30
Last: 05.01.2026 11:30
Sources 1
About this happening:
The **2022 LastPass data leak** exposed backups of about **30 million customer password vaults**, leaving more than **25 million users** with a **long-tail risk** of offline crack...
LastPass customer password vault backups exposed
Data LeakAbout this happening: The **2022 LastPass data leak** exposed backups of about **30 million customer password vaults**, leaving more than **25 million users** with a **long-tail risk** of offline crack...
Timeline
-
18.11.2025 11:45 2 articles · 6mo ago
FTSE 100 employee credentials exposed on cybercrime sites
Initial DisclosureSocura and Flare monitored clear and dark web cybercrime communities for FTSE 100 company domains and found 460,000 compromised credentials tied to employees at the UK’s largest firms. The findings included as many as 45,000 leaked credentials at a single company, more than 10,000 each at 15 companies, and 70,000+ credentials affecting financial services, while 28,000 corporate credentials were also identified in stealer logs and additional passwords appeared on sites like Doxbin. The researchers warned that visible leaks likely understate the true exposure because stolen credentials can remain unsold, be actively used, or move through unknown channels.
Show sources
- Half a Million Stolen FTSE 100 Credentials Found on Criminal Sites — www.infosecurity-magazine.com — 18.11.2025 11:45
- Half a Million Stolen FTSE 100 Credentials Found on Criminal Sites — www.infosecurity-magazine.com — 18.11.2025 11:45