Find notable cyber news and cases, enriched with sources, timelines, and signals.

Weak password hygiene and password reuse across FTSE 100 firms

Trend
First reported
Last updated
Happening score
H score 40
1 unique sources, 1 articles

Summary

Hide ▲

A FTSE 100 credential-hygiene snapshot shows 59% of companies still have at least one employee using “password” as a password, raising account-takeover risk across major UK enterprises. The same exposure set includes 460,000 compromised credentials, and password reuse was common across known leaks. Financial services was especially affected with 70,000+ credentials. The trend matters because trivial and reused passwords make stolen credentials easier to replay in later intrusions.

Related Happenings

Microsoft Azure CLI password-spray campaign using ROPC

Campaign
H score24 First: 01.07.2026 08:46 Last: 01.07.2026 08:46 Sources 1

About this happening: A **massive automated password-spray campaign** against **Microsoft Azure CLI** compromised **at least 78 accounts** across **64 organizations**, expanding access risk across clou...

BEC defensive guidance for exposed-credential and account-misuse risk

Defensive Guidance
H score14 First: 30.06.2026 17:00 Last: 30.06.2026 17:00 Sources 1

About this happening: **BEC defenders** are being pushed toward tighter **training** and **account-response controls** as operators combine **AI-generated business correspondence**, **call-center press...

FortiBleed Fortinet credential-theft campaign

Campaign
H score89 First: 19.06.2026 13:48 Last: 19.06.2026 13:48 Sources 1

About this happening: The **FortiBleed** Happening is a global **Fortinet credential-theft** campaign affecting **FortiGate firewall** and **SSL VPN** customers. The **UK’s NCSC** issued guidance after...

Latest development: 22.06.2026 11:30

The UK’s National Cyber Security Centre issued guidance for Fortinet customers impacted by FortiBleed after the campaign exposed around 75,000 credentials from FortiGate firewall and SSL VPN customers. The NCSC urged affected organizations to use Hudson Rock’s or SOCRadar’s FortiBleed checker tools and then review indicators of compromise such as unauthorized account creation and unexpected activity in log files.

CISA FortiBleed mitigation guidance

Advisory/Mitigation
H score67 First: 19.06.2026 09:47 Last: 19.06.2026 09:47 Sources 1

About this happening: **CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...

UK employees at large firms selling corporate credentials over the past year

Trend
H score72 First: 06.05.2026 11:40 Last: 06.05.2026 11:40 Sources 1

About this happening: **UK employees** at **large firms** are continuing to sell corporate credentials, with a survey finding **13%** admitted doing so or knew someone who had over the **past 12 months...

Timeline

  1. 18.11.2025 11:45 2 articles · 7mo ago

    FTSE 100 credential exposure and weak password hygiene

    Initial Disclosure

    Socura and Flare monitored clear and dark web cybercrime communities for FTSE 100 company domains and identified 460,000 compromised credentials tied to employees at UK’s largest firms. Some companies had as many as 45,000 leaked credentials, 15 companies had more than 10,000 each, and financial services accounted for 70,000+ credentials; the same exposure set also included 28,000 corporate credentials in stealer logs, CXO email addresses and passwords on sites like Doxbin, and widespread weak password hygiene with 59% of FTSE 100 companies having at least one employee using “password” as a password. The findings pointed to infostealer malware and password reuse as major drivers and recommended MFA using passkeys, exposure monitoring, and rapid detection of suspicious logins.

    Show sources