Energy-Sector- Exposure-2021-thumb

From a sample of 55 Fortune 500 Energy sector executives, nearly 50% had their corporate credentials exposed in a breach or leakage since 2018. Are you one of them?

Constella’s research takes a deep dive into exposures related to the corporate credentials of energy industry employees and executives at the top 20 Fortune 500 global companies.

Key findings include:

  • Of the top energy companies analyzed, there have been a total of 1,504,564 records exposed and 4,245 breaches and leakages of corporate credentials.
  • A steady increase in the number of breaches and records exposing energy sector corporate credentials.
  • Energy company employees are using their corporate accounts to register on retail, gaming, and entertainment sites.
  • 55% of passwords exposed are plaintext or are using a weak algorithm such as MD5 or SHA1.
  • 45% of executives of the top 20 energy companies on the Fortune Global 500 list have had their corporate credentials exposed in a breach since 2018.
  • Of the exposed executives, 24% have been exposed in breaches that include passwords.
Executives and key employees like privileged IT personnel and HR are the new attack vector for cybercriminals as they have top-tier access to sensitive information which can lead to credential theft, account takeover, and a ransomware attack. In fact, the Colonial pipeline hack that brought down the fuel pipeline of the entire east coast resulted from a single rank-in-file employee’s exposed corporate credentials.
 
Download the ‘Energy Exposure Report’ to learn more and try our Exposure Risk Tool to see if you or your employees have been exposed – FREE.

Energy Sector Exposure Report