Credential abuse surge driven by insider sales of corporate logins in UK enterprises
Summary
Hide ▲
Show ▼
A survey of 2,000 UK employees in organizations with 1,000+ staff found 13% admitted selling corporate credentials in the past 12 months or knew someone who had, with justification perceptions rising sharply among senior roles: 32% of senior managers, 36% of directors, 43% of C-suite executives, and 81% of business owners viewed the practice as justifiable. Credential sales expose organizations to fraud, financial crime, and broader insider threats, compounded by the circulation of 2.9 billion compromised credentials globally in 2025, including 460,000 linked to FTSE100 employees and 28,000 captured in stealer logs.
Timeline
-
06.05.2026 11:40 1 articles · 1h ago
UK workforce credential sales surge amid rise in insider threats and global credential leakage
Cifas reports 13% of UK employees in large enterprises sold corporate credentials over the past year or knew someone who had, with justification highest among executives. The trend coincides with documented losses from insider risks reaching an average of $19.5 million per organization in 2024 and the exposure of 460,000 credentials tied to FTSE100 employees across cybercrime platforms and stealer logs in 2025.
Show sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40
Information Snippets
-
13% of 2,000 surveyed UK employees admitted selling corporate credentials over the past 12 months or knew someone who had.
First reported: 06.05.2026 11:401 source, 1 articleShow sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40
-
Perceptions of credential sales as justifiable increase with seniority: 32% of senior managers, 36% of directors, 43% of C-suite executives, and 81% of business owners.
First reported: 06.05.2026 11:401 source, 1 articleShow sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40
-
Global organizations incurred average losses of $19.5 million per business in 2024 due to insider risks, including malicious insider activity accounting for 27% ($4.7 million) of total losses.
First reported: 06.05.2026 11:401 source, 1 articleShow sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40
-
460,000 compromised credentials belonging to employees at FTSE100 firms were found circulating on cybercrime sites in 2025.
First reported: 06.05.2026 11:401 source, 1 articleShow sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40
-
28,000 corporate credentials were identified in stealer logs, averaging 280 per FTSE100 company.
First reported: 06.05.2026 11:401 source, 1 articleShow sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40
-
A 2025 study tracked 2.9 billion compromised credentials globally across 3.9 million compromised machines, with 347 million originating from a single analysis.
First reported: 06.05.2026 11:401 source, 1 articleShow sources
- One in Eight Workers Has Sold Their Corporate Logins — www.infosecurity-magazine.com — 06.05.2026 11:40