Data offering: Every third company appears on the dark web

Every third company appears on the dark web

Share post

In the last two years, one in three companies worldwide have offered compromised data for sale on the dark web. The sale of access data to the company's infrastructure poses a major threat.

In total, between January 2022 and November 2023, Kaspersky Digital Footprint Intelligence discovered around 40.000 messages in forums, blogs and Telegram shadow channels that revolved around trading internal company databases and documents.

Sales of access data on the Darknet increased by 16 percent

However, some messages also offered access to corporate infrastructure. Kaspersky experts identified more than 6.000 such messages during the almost two-year investigation period - and the offers are increasing. The average number of monthly messages of this type increased by 2023 percent from 16 to 246 between last year and 286. With regard to the threat of supply chain attacks forecast for 2024, data leaks from smaller companies could also have significant consequences for a large number of people and companies worldwide have.

Kaspersky experts also examined which companies the access was sold to. To do this, they randomly selected 700 companies that were associated with compromised company data in 2022. Offers for these appeared in 233 posts on the Darknet. These explicitly mentioned data leaks, stolen access to infrastructure or hacked accounts.

Databases are offered in various underground forums

“Not every message on the dark web contains new or unique information,” explains Anna Pavlovskaya, an expert at Kaspersky Digital Footprint Intelligence. “Some offers can double. For example, if cyber criminals want to sell data particularly quickly, they publish the offers in various underground forums in order to reach a larger audience of potential buyers. In addition, certain databases can be combined and offered again. Such combined offers, for example, combine information from various previously leaked databases, such as passwords for email addresses.”

More at


About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more