Spike in Credential Leaks for the Pharmaceutical and Biotech Industry

Spike in Credential Leaks for the Pharmaceutical and Biotech Industry

May 26, 2020 • Allan Liska

Recorded Future noted a spike in the relative number of credential leaks from the pharmaceutical and biotechnology sector compared to all credential leaks between November of 2019 and March of 2020. The number of credentials that are leaked vary greatly from month to month — a large credential dump can cause numbers for a given month to increase dramatically, and many of those credentials may be repackaged from previous leaks. That’s why this report looks at the percentage of leaks tied to the pharmaceutical and biotechnology industry, rather than the absolute numbers, as it provides a more accurate picture of the situation.

The image below shows leaked credentials from the pharmaceutical and biotechnology industry tracked by Recorded Future between April 1, 2019 and April 30, 2020.

Recorded Future Timeline

Leaked credentials from the pharmaceutical and biotechnology industry.

Overall, the pharmaceutical and biotechnology industry accounted for .07% of leaked credentials during this period. However, there was a noticeable jump starting in November of 2019 and ending in February, which significantly skewed the average — the median percentage during this time is .03%.

The image below shows the percentages of leaked credentials belonging to accounts tied to the pharmaceutical and biotechnology industry. November of 2019 saw the percentage jump to .24%, then the percentage reverted to the median of .03% in December, and it then jumped to .07% in January, .11% in February, and .06% in March. These are statistically significant increases. So, while the percentages of leaked credentials belonging to accounts associated with the pharmaceutical and biotechnology industry is small overall, there was definitely a significant increase.

Graph

Percentage of credential leaks belonging to the pharmaceutical and biotechnology industry.

In reviewing reports of large credential dumps, there do not seem to be any that were specific to the pharmaceutical and biotechnology industry during that period. An industry-specific credential dump would normally account for a spike in percentage. At this point, there is not a definitive answer as to why the spike occurred during this period, and any explanation based on available data would be pure speculation. That being said, given the statistical significance of the spike, it is unlikely that the increase was random chance.

Learn More

Sign up for Recorded Future Express, our free browser extension, today to more efficiently prioritize alerts, incidents, and vulnerabilities.

New call-to-action

Related Posts

Why Monitoring the Dark Web is Essential for Third-Party Risk Management

Why Monitoring the Dark Web is Essential for Third-Party Risk Management

May 13, 2021 • Trevor Lyness

The dark web is often portrayed as vast, mysterious, and out of reach for companies without...

Simplify and Accelerate Threat Hunting with High-Speed, High-Confidence Threat Intelligence

Simplify and Accelerate Threat Hunting with High-Speed, High-Confidence Threat Intelligence

April 15, 2021 • Neha Mehra

As your attack surface continues to grow -- expanding into the cloud and employees working from...

How Contextualized Intelligence Maximizes Security Outcomes in SecOps Tools

How Contextualized Intelligence Maximizes Security Outcomes in SecOps Tools

April 14, 2021 • Ellen Wilson

As the attack surface grows,  it’s difficult for security teams to maintain a comprehensive,...