In 2024, attackers compromised over 3.2 billion credentials, a 33% increase from the previous year. In addition, over 200 million credentials have already been stolen this year.
In 2024, attackers compromised over 3.2 billion credentials, a 33% increase from the previous year. In addition, over 200 million credentials have already been stolen this year.
This is stated in the new Flashpoint Global Threat Intelligence Report based on more than 3.6 petabytes of data.
75% of the stolen credentials, or 2.1 billion, were obtained through information-stealing malware, or “infostealers,” which have infected over 23 million devices worldwide. The most common of these is Redline, which infected 9.9 million computers in 2024.
The number of vulnerabilities increased by 12% last year. Flashpoint counted 37,302 vulnerabilities, and over 39% of them had publicly available exploit code.
Ransomware attacks increased by 10%, data breaches by 6% across all sectors. In addition, the five most active ransomware-as-a-service (RaaS) groups—Lockbit, Ransomhub, Akira, Play, and Qilin—are responsible for over 47% of reported attacks in 2024.
A key finding of the report is the rise in cybercriminal activity: 6,670 public data breaches were recorded in 2024, resulting in the leakage of over 16.8 billion records, putting organizations, customers, and users at risk, and funding cybercriminal organizations worldwide.
