Spike in Credential Leaks for the Pharmaceutical and Biotech Industry

May 26, 2020 • Allan Liska

Recorded Future noted a spike in the relative number of credential leaks from the pharmaceutical and biotechnology sector compared to all credential leaks between November of 2019 and March of 2020. The number of credentials that are leaked vary greatly from month to month — a large credential dump can cause numbers for a given month to increase dramatically, and many of those credentials may be repackaged from previous leaks. That’s why this report looks at the percentage of leaks tied to the pharmaceutical and biotechnology industry, rather than the absolute numbers, as it provides a more accurate picture of the situation.

The image below shows leaked credentials from the pharmaceutical and biotechnology industry tracked by Recorded Future between April 1, 2019 and April 30, 2020.

Recorded Future Timeline

Leaked credentials from the pharmaceutical and biotechnology industry.

Overall, the pharmaceutical and biotechnology industry accounted for .07% of leaked credentials during this period. However, there was a noticeable jump starting in November of 2019 and ending in February, which significantly skewed the average — the median percentage during this time is .03%.

The image below shows the percentages of leaked credentials belonging to accounts tied to the pharmaceutical and biotechnology industry. November of 2019 saw the percentage jump to .24%, then the percentage reverted to the median of .03% in December, and it then jumped to .07% in January, .11% in February, and .06% in March. These are statistically significant increases. So, while the percentages of leaked credentials belonging to accounts associated with the pharmaceutical and biotechnology industry is small overall, there was definitely a significant increase.

Graph

Percentage of credential leaks belonging to the pharmaceutical and biotechnology industry.

In reviewing reports of large credential dumps, there do not seem to be any that were specific to the pharmaceutical and biotechnology industry during that period. An industry-specific credential dump would normally account for a spike in percentage. At this point, there is not a definitive answer as to why the spike occurred during this period, and any explanation based on available data would be pure speculation. That being said, given the statistical significance of the spike, it is unlikely that the increase was random chance.

Learn More

Sign up for Recorded Future Express, our free browser extension, today to more efficiently prioritize alerts, incidents, and vulnerabilities.

New call-to-action

Related Posts

How to Fight Fraud With Security Intelligence

How to Fight Fraud With Security Intelligence

July 2, 2020 • The Recorded Future Team

Editor’s Note: Over the next several weeks, we’re sharing excerpts from the second edition of...

Reducing the Remote Education Attack Surface With Security Intelligence

Reducing the Remote Education Attack Surface With Security Intelligence

July 1, 2020 • The Recorded Future Team

This year, stay-at-home mandates issued by US states and countries across the world for K-12...

Protecting Government IT Infrastructures With Security Intelligence

Protecting Government IT Infrastructures With Security Intelligence

June 30, 2020 • The Recorded Future Team

Governments at the federal, state, and local levels are all stretching their IT infrastructure...