Minimize your digital risk by detecting data loss, securing your online brand, and reducing your attack surface.
A powerful, easy-to-use search engine that combines structured technical data with content from the open, deep, and dark web.
Digital Risk Protection
Read our new practical guide to reducing digital risk.
New report recognizes Digital Shadows for strongest current offering, strategy, and market presence of 14 vendors profiled
Read Full Report
Our analysts recently researched credential compromise, finding more than 5 million leaked credentials online for the world’s biggest 1,000 organizations. Of course, not all breached data is of equal value and, in order to better understand the desirability of the data and the severity of the breach, it’s important to consider six factors.
The six factors outlined above can be used both to assess the severity of a breach as well as to make a comparison between breaches.
Our research takes over 30,000 instances of claimed leaked credentials to understand how the world’s 1,000 biggest organizations are impacted. For this post, we have taken seven historical breaches of varying size and content to see how they measured up against these factors of desirability and against each other. Although the Office of Personnel Management (OPM) breach is not publically available, it has been included for comparative purposes.
*Digital Shadows do not have access to this dataset
Table 1: Historical breaches measured against factors of desirability
Based on the above matrix the following conclusions can made about what makes a dataset attractive:
Shown below is a full explanation of the reasoning behind the grading within the matrix, readers are invited to apply the matrix themselves.
Severity Scoring: Very High=5, High=4, Medium=3, Low=2, Very Low=1, Non-public=5, Public=0, N/A=3
Table 2: Severity matrix for factors of desirability