What are leaked credentials?
A leaked credentials risk detection type indicates that the user’s current credentials have been leaked. These credentials remain valid and can be used to sign in to an organization’s environment and gain access to customer or critical operational data. There are ways to prevent or mitigate the effect of leaked credentials, including changing passwords periodically, because once a user changes their password, the stolen identity becomes invalid.
But the danger of leaked credentials is that, most often, organizations may not be aware of stolen identities until critical data has been compromised. When cybercriminals compromise valid passwords of legitimate users, they post them publicly on the dark web or paste sites, or trade the credentials on the black market.
Microsoft monitors such public and dark web sites using a set of AI and advanced technologies, running comparative analysis to see if a credential has been compromised. Microsoft works with the following:
- Law enforcement
- Security teams at Microsoft
- Other trusted sources
When the service acquires username and password pairs, they are checked against Microsoft Azure Active Directory (AAD) users’ current valid credentials. When a match is found, it means that a user’s password has been compromised and a leaked credentials risk detection is created.
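As an added example (not Microsoft's code and not part of the original page), the following sketch triages leaked credentials detections by checking whether each affected user has changed their password since the detection, which is the point at which the stolen pair stops working. The records are constructed samples that use field names from the Microsoft Graph `riskDetection` and `user` resources; the function name `users_still_exposed` is hypothetical.

```python
from datetime import datetime

# Constructed sample records, shaped like Microsoft Graph riskDetection objects.
DETECTIONS = [
    {"userPrincipalName": "alice@contoso.example", "riskEventType": "leakedCredentials",
     "riskState": "atRisk", "detectedDateTime": "2021-03-02T08:15:00Z"},
    {"userPrincipalName": "bob@contoso.example", "riskEventType": "leakedCredentials",
     "riskState": "atRisk", "detectedDateTime": "2021-03-01T10:00:00Z"},
    {"userPrincipalName": "bob@contoso.example", "riskEventType": "unfamiliarFeatures",
     "riskState": "atRisk", "detectedDateTime": "2021-03-05T10:00:00Z"},
    {"userPrincipalName": "carol@contoso.example", "riskEventType": "leakedCredentials",
     "riskState": "remediated", "detectedDateTime": "2021-02-20T12:00:00Z"},
    {"userPrincipalName": "dave@contoso.example", "riskEventType": "leakedCredentials",
     "riskState": "atRisk", "detectedDateTime": "2021-03-03T09:00:00Z"},
]
# Constructed: each user's lastPasswordChangeDateTime (a Graph user property).
# dave is deliberately missing to show the "unknown" case.
LAST_PASSWORD_CHANGE = {
    "alice@contoso.example": "2020-11-10T09:00:00Z",
    "bob@contoso.example": "2021-03-04T16:30:00Z",
    "carol@contoso.example": "2021-02-21T08:00:00Z",
}
CLOSED_STATES = ("remediated", "dismissed", "confirmedSafe")

def _ts(value):
    # The constructed samples use whole-second UTC timestamps.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")

def users_still_exposed(detections, last_change):
    """Return sorted UPNs whose leaked password is still the current one."""
    latest = {}  # UPN -> most recent open leakedCredentials detection time
    for d in detections:
        if d["riskEventType"] != "leakedCredentials" or d["riskState"] in CLOSED_STATES:
            continue
        upn = d["userPrincipalName"].lower()
        seen = _ts(d["detectedDateTime"])
        latest[upn] = max(latest.get(upn, seen), seen)
    exposed = []
    for upn, detected in latest.items():
        changed = last_change.get(upn)
        # No recorded change, or a change before the leak was detected,
        # means the leaked password may still be valid.
        if changed is None or _ts(changed) <= detected:
            exposed.append(upn)
    return sorted(exposed)

if __name__ == "__main__":
    for upn in users_still_exposed(DETECTIONS, LAST_PASSWORD_CHANGE):
        print("password reset required:", upn)
```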
How can you detect and mitigate threats from leaked credentials using Microsoft Security?
Using Microsoft Identity Protection and Microsoft Cloud App Security, organizations can create threat protection policies and quickly investigate leaked credentials to invalidate stolen credentials. Microsoft Cloud App Security and Azure AD Threat Protection offer organizations many options to prevent or mitigate the cyber-threat from leaked credentials. Organizations can choose which of the following methods works best for them.
How we can help you mitigate threats from leaked credentials
We work with organizations to strengthen their security posture and protect their organization against cybersecurity threats, including leaked credentials, malware detection and more with threat protection tools from Microsoft productivity applications and cloud services. We also provide one-time security assessments to assess your organization’s vulnerabilities based on data from your infrastructure. Visit our CSAT page to learn more.
For immediate assistance, email us at email@example.com