Among the roles most vulnerable to credential theft, 28% were in Project Management, followed by Consulting (12%) and Software Development (10.7%).

Credentials for victims of the Play, Akira, and Rhysida ransomware groups were found on cybercrime marketplaces between 5 and 95 days prior to the reported attack.

The average time between credentials being found and the reported ransomware attack was 2.5 weeks

Credentials or data were stolen in nearly half of all cyberattacks.

Over 65% of missed phishing emails across SEGs are vendor scams and credential theft.