While some organizations may view third party breach usernames and passwords as important indicators to prevent unauthorized access to their own networks, larger organizations are using two factor authentication for securing their perimeters by locking down internet-facing services where the mere availability of these credentials are less actionable.
For security operations and trust and safety teams who are interested in attributing threats to obtain additional context, harvesting unique breach credentials is still of use in conjunction with other data sources that can be used for cross reference purposes.
In the digital underground where cyber crime, fraud, espionage, extortion, and other risks to business are perpetrated, criminals usually cannot keep track of the numerous monikers and fake accounts they use in online forums.
Due to the sensitive nature of this blog, we are requesting registration to verify identities.