It’s simple. Once they have their hands on a set of stolen credentials, (i.e. a username, usually an email address and a password) to one website, chances are they have credentials to many other websites, applications, and possibly your network.
This is because people tend to use the same password in more than one place.
<—- CHECK OUT OUR 2-MIN INTRO TO NINJIO CREDS
Once they’ve got a set of “creds”, they can pump those creds through a piece of software and automatically check many thousands of websites, and the software lets them know on which ones they get a “hit.” Combine this with the fact that the average user at work uses 27 different websites and applications, and you’ve got some exposure.
NINJIO CREDS powered by InfoArmor has been credited
as having the largest database of stolen credentials on the web. This is because InfoArmor has operatives that work across the globe collecting these credentials from their underground relationships.
When an operative obtains a set of compromised credentials, they are uploaded into the InfoArmor Database. If any stolen credentials have @yourcompany.com in the domain, your admin will be notified via email within 6 hours of those credentials being uploaded.
Once the admin is notified, he or she will login to the database and see who has been breached. Depending on your own internal policies and procedures, and if the breach contains the source, the admin will notify those users to change their password on any site, application, or network resource where they have used that password before.
Congratulations! You have once again cultivated another layer of security into your culture. In other words, you’ve raised the security bar—again.