According to the latest findings by SpyCloud, the leading identity threat protection company, the average corporate user now has 146 stolen records associated with their identity. This marks a significant 12x increase from previous estimates, highlighting a surge in holistic identity exposures that pose a significant cyber risk to enterprises worldwide.
The newly released 2025 SpyCloud Annual Identity Exposure Report sheds light on the rising trend of darknet-exposed identity data as the primary threat facing organizations today. Cybercriminals are no longer relying on single data points but are instead leveraging stolen data from various sources such as breaches, malware, and phishing campaigns to adopt a more sophisticated approach to identity exploitation. This shift necessitates a comprehensive and holistic defense strategy for organizations to combat the interconnected nature of digital identities.
Traditionally, organizations focused on securing individual account credentials to prevent unauthorized access. However, SpyCloud’s research reveals that cybercriminals have evolved their tactics beyond conventional account takeovers. Attackers now have access to a plethora of identity data from multiple sources, including breaches, infostealer malware infections, phishing campaigns, and combolists. This presents a challenge for organizations whose security measures have not adapted to address the full scope of interconnected identity exposures holistically.
The collection of recaptured darknet data by SpyCloud has grown by 22% in the past year, encompassing over 53.3 billion distinct identity records and more than 750+ billion total stolen assets circulating in the criminal underground. These assets include personal and professional credentials, session cookies, personally identifiable information (PII), financial data, IP addresses, national IDs, and more, which cybercriminals are weaponizing in attacks against individuals and businesses.
Damon Fleury, Chief Product Officer at SpyCloud, emphasizes the significance of understanding the evolving cyber risk landscape, stating, “Identity is the ultimate frontier of cyber risk… It requires organizations to rethink the risks posed by employees, consumers, partners, and suppliers.” By leveraging holistic identity analytics based on recaptured darknet data, organizations can correlate disparate data points to gain a comprehensive view of identity risk and enhance their defense strategies.
The report also reveals alarming statistics related to identity exposures, with an average of 146 stolen records linked to a single corporate user, across 13 unique emails and 141 credential pairs per corporate user. In the consumer realm, the numbers are even higher, with an average of 229 records per consumer, including exposed PII such as full names, dates of birth, phone numbers, Social Security/ID numbers, addresses, and financial information.
Furthermore, the report highlights the significant increase in stolen data, such as 17.3 billion cookies, 548 million credentials exfiltrated via malware, and 3.1 billion passwords recaptured in 2024. These findings underscore the need for organizations to adopt advanced cybersecurity strategies that leverage holistic identity analytics to mitigate identity-based threats effectively.
In light of these findings, businesses must recognize that traditional defenses are no longer sufficient to combat evolving cyber threats. SpyCloud’s approach offers a proactive solution to prevent ransomware, account takeover, and safeguard employee and consumer accounts by leveraging advanced analytics and comprehensive identity threat protection solutions.
To learn more about the findings and insights from the 2025 SpyCloud Annual Identity Exposure Report, interested parties can access the full report on the SpyCloud website. With cybercrime on the rise and identity theft becoming increasingly sophisticated, organizations must prioritize securing their digital identities to safeguard against cyber threats and protect sensitive information from falling into the wrong hands.