Data leaks on the dark web: Many companies do not react

Data leaks on the dark web: Many companies do not react

Share post

Kaspersky experts last year notified 258 companies worldwide that their databases or compromised accounts were being offered for sale on the dark web. Almost a third did not respond to the notices.

A quarter of these companies came from Europe, 14 of them even from the DACH region. The problem with this: 28 percent of the affected companies worldwide reacted with indifference or denial.

As part of an initiative by the Kaspersky Digital Footprint Intelligence team, affected companies received an immediate notification when a cybersecurity incident related to compromised company data was detected on the dark web, such as database sales, infrastructure compromises or ransomware.

European companies most affected

Darknet forums and blogs as well as hidden Telegram channels were monitored for analysis. Incidents involving falsified, public or generic data were not considered reportable. In order to avoid unauthorized access to the infrastructure of the affected companies, the compromised data was not checked in any way.

Overall, Kaspersky discovered 258 such critical incidents in the past year, in which corporate accounts were found on the dark web and would have required an immediate response from the company. Those from Europe were most affected, with more than 25 percent of the reports coming from this region. A total of 66 companies in Europe were affected, 14 of them from Germany, Switzerland and Austria - from the fields of medicine, education, manufacturing, banking and aviation.

Data on the dark web? companies rather uninterested

Overall, the results of the initiative show a worrying trend: almost every second (42 percent) company worldwide lacks a dedicated point of contact for cyber incidents, while 28 percent reacted indifferently or even denied incidents. Only 22 percent of companies that received a notification responded appropriately, accepting the information and assuming the risks; another 5 percent demonstrated proactive monitoring and detection, indicating they were already aware of the incident.

“The results of our initiative on how companies are responding to data on the dark web are rather discouraging,” said Yuliya Novikova, Head of Digital Footprint Intelligence at Kaspersky. “Only a third of companies responded appropriately to the situation, while the majority wavered between ignorance, denial or helplessness. In the past, darknet monitoring was still quite confusing and difficult to organize, but this has changed. It has now become a valuable and accessible source of threat intelligence for cybersecurity professionals, including CTI and SOC analysts. This resource enables an immediate response to security incidents, such as offers to sell access to corporate systems or data leaks, ultimately helping prevent data breaches.”

More at


About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at


Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more