Your Coalition risk assessment includes a section called “Exposed Employee Information.” As part of our scan, we search through multiple public and private databases on the dark web for leaked sensitive information that might belong to you or your organization. There are two basic types of sensitive information:

  • Usernames and Passwords (Compromised Credentials)
  • Personally Identifying Information (PII)

It is important to know that the employee information Coalition finds was not stolen directly from your website or services. This information was released publicly as part of data breaches that have occurred on 3rd party sites where employees have created accounts with their company email (i.e. LinkedIn, Adobe, Yahoo).

The risk assessment will tell you when an employee's sensitive information was last leaked on the web ("Last Exposed"), and where that data came from ("3rd Party Breach").

The unfortunate truth is that employee passwords and PII are already publicly available, and once exposed cannot be removed from the web. Roughly 80% of all cyber incidents start with hackers making use of stolen personal information. This is why Coalition strongly urges all companies to implement Two-Factor Authentication for both company email accounts and sensitive internal services.

Exposed Usernames & Passwords

While all of the exposed employee information Coalition detects is from 3rd party website breaches, employees often re-use the same password for multiple accounts. Hackers will often take advantage of this behavior to do "credential stuffing" attacks - attacks where they try to use the employee's publicly exposed password on their company email or sensitive internal services.

Exposed Personally Identifying Information (PII)

PII is any information that can be used as a way to identify an individual - this includes home addresses, Social Security numbers, personal health information (PHI), credit card numbers, and more.

Attackers will often use PII data collected in other breaches in phishing campaigns, in order to make their fake emails seem more legitimate. It is important to understand what information is publicly released about you and your workforce, so employees can be better prepared in the case of a phishing attempt.

Ongoing Monitoring

Coalition’s risk assessment for exposed employee information does not stop with the risk assessment report. We continually search for compromised credentials and data across all our resources on behalf of our insureds, and alert you when new information is found. This is an automatically included benefit with every Coalition policy.

For more information on this topic, please reach out to us; We’re here to help!

Did this answer your question?