- More than one-third of the hijacked accounts analyzed by researchers had attackers dwelling in the account for more than one week.
- 20% of compromised accounts appear in at least one online password data breach, which suggests that cybercriminals are exploiting credential reuse across employees’ personal and organization accounts.
- In 31% of these compromises one set of attackers focuses on compromising accounts and then sells account access to another set of cybercriminals who focus on monetizing the hijacked accounts.
- 78% of attackers did not access any applications outside of email.
Read more: Help Net Security