The dark web is that area of the net containing encrypted content and isn’t indexed by search engines.
About 97 percent of cybersecurity companies had their information exposed to the Dark Web in 2020.
Some data breaches happened as recent as at the end of August, a security firm survey by ImmuniWeb.
The poll covered 398 cybersecurity firms headquartered across 26 countries such as the USA, UK, India, Canada and Germany.
Dark Web included both Deep Web and Surface Web in the poll. Dark Web consists of encrypted content that’s not indexed by search engines.
Over 160 companies confronted incidents as their workers used identical passwords on over one breached system. The majority of the passwords lacked basic security requirements – uppercase, numerical and unique characters—frequent passwords contained ‘password’ and ‘123456’.
Half the vulnerable data consisted of plaintext credentials such as private and financial information.
US-based security companies showed the most number of high-risk data breaches, followed by the United Kingdom. High-risk breaches include credentials with sensitive information.
A high number of leaks were quietly performed by reputable third parties such as suppliers or subcontractors.
Some stolen certificates came from incidents involving unrelated third parties, where sufferers used work mails to signal into adult websites.
At least 5,121 stolen credentials were found in pornographic and adult-dating websites, ImmuniWeb stated.
Over a fourth of the vulnerabilities remain unpatched so far, the security company said.