53% of insider incidents involved customer records.

Health records comprise 7.4% of sensitive data going into AI.

HR and employee records account for 4.8% of sensitive data going into AI.

97% of the phished records SpyCloud collected in 2024 contain at least one email address.

SpyCloud recaptured over 1.7 million phished records between the ONNX and Caffeine PhaaS platforms in the second half of 2024.

About half of the recaptured phished data included specific city or postal code information.

Under holistic identity matching, the average exposure for a single consumer identity shows 229 records per customer, 52 unique usernames, 105 total usernames, 27 unique emails, 125 total emails, 227 credential pairs, and 9 unique sources.

64% of the phished records contained location data, mostly in the form of IP addresses.

By using holistic identity matching for an individual employee, the average exposure increases to 146 records per employee, 22 unique usernames, 13 total usernames, 89 unique emails, 141 total emails, 57 credential pairs, and 8 unique sources. This represents more than 12x the exposed data compared to the traditional view.

SpyCloud recaptured 3,562 third-party breach records in 2024. These third-party breaches amounted to 7.6+ billion breach records.

The average exposure for a single employee identity in 2024, under a traditional exposure model, shows 11 records per employee, 1 unique username, 1 total username, 1 unique email, 11 total emails, 7 credential pairs, and 7 unique sources (breach, malware, or phish).

74% of recaptured consumer records contain a physical or IP address.