2025 Identity Breach Report: What 107 Billion Exposed Records Reveal About Cyber Risk

Rachel Hamasaki on July 8, 2025

Constella Intelligence’s 2025 Identity Breach Report reveals a worldwide surge in login-based attacks, infostealer-driven credential theft, and executive impersonation threats

Constella Intelligence today released its highly anticipated 2025 Identity Breach Report, unveiling a dramatic rise in global identity exposure and a seismic shift in cybercriminal behavior. With analysis covering over 219,000 breach events and 107 billion records in 2024, the report reveals that credential theft, rather than technical exploits, now powers the majority of major breaches, signaling a new era of digital risk.

“The data shows that attackers are no longer breaking in – they’re simply logging in,” said Andres Andreu, COO and CISO at Constella Intelligence. “With billions of email addresses, passwords, and/or active session objects circulating in breach datasets, identity has become the most valuable – and vulnerable – asset in the digital ecosystem.”

Key Findings from the 2025 Identity Breach Report:

4.3 billion unique email addresses were exposed in breaches in 2024, a 58% increase year-over-year, as attackers increasingly exploit stolen credentials to access systems undetected.
Over 30 million infostealer logs were observed circulating on the dark web, providing attackers with credentials, cookies, and session tokens harvested from infected devices.
Executive-level credentials appeared frequently in breach and malware datasets, with 54% of U.S. companies reporting executive identity fraud – often before internal systems detected the compromise.

A Wake-Up Call for Organizations Worldwide

The report underscores a paradigm shift: as stolen identities fuel everything from account takeover to deepfake-enabled fraud, perimeter-based security strategies have become insufficient. To protect customers, employees, and leadership, brands must adopt identity-first risk frameworks that address the new frontlines of digital attack.

“Threat actors no longer need to exploit technical vulnerabilities when valid credentials, session cookies, and session objects offer a direct path inside,” said Kevin Senator, Constella’s CEO. “Constella’s mission is to help organizations detect these exposures early – before identity becomes a liability.”

Constella recommends that security leaders integrate identity exposure monitoring, prioritize executive and high-privilege identity protection, and strengthen defenses against infostealer infections on endpoints.

Constella’s report is powered by the world’s largest curated identity risk data lake, spanning 230 billion identity records, 1.1 trillion identity assets, and 125 countries. These insights provide unmatched visibility into the evolving digital threat landscape, including data from open, deep, and dark web sources.

The full 2025 Identity Breach Report is available now.

About Constella

Constella Intelligence is a global leader in identity risk intelligence, helping organizations detect, investigate, and respond to threats linked to exposed personal data. Powered by the world’s largest breach and infostealer data lake – spanning over one trillion attributes across 125+ countries and 50+ languages – Constella delivers unmatched visibility into identity threats across the surface, deep, and dark web. Enterprises and technology partners worldwide rely on Constella to strengthen identity posture, fuel threat intelligence, and reduce digital risk. Learn more at constella.ai/.

Constella Intelligence Unveils 2024 Identity Breach Report: Welcome to the GenAI Attack Revolution

Rachel Hamasaki on August 13, 2024

How Artificial Intelligence and Massive Data Sets Are Both Fueling and Fighting the New Wave of Cyber Threats

[LOS ALTOS, Calif., August 13, 2024] – Constella Intelligence (“Constella”) today launched its highly anticipated 2024 Identity Breach Report, titled “Welcome to the GenAI Attack Revolution: How AI and Large, Complex Data Sets Are Amplifying the Risk of Identity Exploitation.” This groundbreaking report delves into the unprecedented challenges posed by AI-driven attacks and the explosive growth of exposed digital identities. With AI technologies driving a new wave of sophisticated cyber threats, the report emphasizes the urgency for organizations to adapt and innovate their cybersecurity measures to stay ahead of evolving risks.

Kevin Senator, CEO of Constella, said, “The 2024 Identity Breach Report reveals a pivotal shift in cybersecurity driven by AI and large data sets. As AI transforms attack methods and exposes more identities, organizations must adapt swiftly and strategically. This report emphasizes the need for innovation and advanced analytics to stay ahead in the evolving threat landscape.”

2024 Identity Breach Report Key Highlights:

AI-Powered Phishing Scams Reach New Heights

The advent of AI tools like FraudGPT and WormGPT has transformed phishing tactics, making scams more personalized and convincing than ever. These technologies enable attackers to create hyper-targeted phishing campaigns that closely mimic trusted sources, significantly increasing the difficulty of detection.

Unveiling the Geopolitical Face of Breaches

The cyber threat landscape now resembles Cold War-era geopolitics, with nation-state actors driving a dramatic increase in breaches. In 2023, Russian-linked breaches comprised six of the top ten compromised domains, highlighting the urgent need for accurate attribution and a global data approach. This perspective is essential for strengthening defenses, pinpointing bad actors, and effectively countering fraud.

Infostealers Dominate the Threat Landscape

Infostealers, malware designed for extensive data theft, continue to escalate. The report highlights a sharp increase in infostealer activity, emphasizing their growing threat to corporate networks due to their ability to remotely exfiltrate sensitive information.

Additional insights uncovered in the report include:

Surge in Plain Text Passwords: There has been a 100% increase in breaches involving plain text passwords, underscoring the need for enhanced real-time alerts and password management strategies to prevent identity theft.

Dramatic Increase in Total Breaches: The number of reported breaches rose by over 52% from 2022 to 2023, driven by sophisticated ransomware attacks and the rise of Ransomware-as-a-Service (RaaS), which has lowered the barrier to entry for cybercriminals.

Increase in Breaches Involving PII: There was a 39% increase in breaches involving Personally Identifiable Information (PII). Contributing factors include advanced attack techniques, the expansion of digital services and remote work, and vulnerabilities within supply chains.

The 2024 Identity Breach Report offers actionable insights for organizations seeking to bolster their cybersecurity defenses against these emerging threats. By leveraging AI and comprehensive data analysis, businesses can enhance their ability to identify and respond to cyber threats with greater precision.

To download a copy of the report, visit: https://constella.ai/2024-identity-breach-report/

About Constella:

Constella.ai is the global leader in AI-driven identity risk and deep and dark web intelligence for such applications as identity theft, insider risk, Know Your Employee (KYE), and deep OSINT investigations. With the world’s largest breach database, containing over one trillion data attributes in 125+ countries and over 53 languages, Constella empowers leading organizations across the globe to monitor and secure critical data through unparalleled visibility and actionable insights. Ready for a secure future? Reach out to Constella today and stay one step ahead of digital threats.

Constella Intelligence Unveils Advanced Know Your Business Solution, Revolutionizing External Identity Risk Management

Rachel Hamasaki on June 20, 2024

Constella builds on proven KYE expertise with a new Advanced Know Your Business solution, offering comprehensive identity risk detection capabilities across internal and external domains

Constella Intelligence (“Constella”) proudly introduced its Advanced Know Your Business (KYB) solution, a pioneering leap in external identity risk management that builds upon its established Know Your Employee (KYE) capabilities. Constella’s Advanced KYB solution sets a new standard by effectively identifying synthetic, malicious, and fake identities, fraudulent activities, and high-risk behaviors, helping to fortify organizational defenses across supply chains and B2B transactions.

Constella’s approach is rooted in extensive expertise and proven results, including its active support in high-profile investigations such as Reuters’ scrutiny of North Korean synthetic identities and cases highlighted by renowned cybersecurity investigative journalist Brian Krebs. These collaborations underscore the critical need for robust identity risk management tools to detect and mitigate risks associated with fake identities and criminal activities.

Chris Kissel, IDC Research Vice President, Security & Trust said, “Constella’s innovative approach promises a new level of visibility into internal threats in an age where data security is paramount, helping to fortify organizational resilience and ensuring peace of mind for stakeholders at every level.”

Harnessing the Power of AI and 1 Trillion Identity Assets

Constella’s advanced Know Your Business solution leverages ID Fusion AI profiling technology and taps into the world’s largest data lake comprising over 1 trillion recaptured assets from the surface, deep, and dark web. This comprehensive approach enables organizations to now identify synthetic identities, fraudulent activities, and other high-risk behaviors with unprecedented accuracy and depth, strengthening their defense against evolving threats across supply chains and from B2B transactions.

Comprehensive Identity Risk Detection Capabilities

With Advanced KYE and Advanced KYB, Constella’s comprehensive approach addresses a wide range of identity risks:

Advanced KYB: External Identity Risk Detection

Ensure the authenticity and integrity of external relationships, such as supply chain partners and B2B customers and entities, by uncovering synthetic and fake identities as well as risky or criminal activities that may jeopardize organizational security.

Advanced KYE: Internal Identity Risk Detection

Continuously monitor for and address potential threats stemming from synthetic or fake identities as well as fraudulent or malicious activities within internal networks, bolstering organizational security and resilience.

Kevin Senator, CEO at Constella, emphasized the strategic importance of this comprehensive offering, stating, “Constella’s Advanced KYB solution represents a significant expansion of our capabilities, reinforcing our commitment to providing organizations with the tools they need to navigate the evolving threat landscape.”

To learn more about Constella’s innovative solution, visit: https://constella.ai/id-risk-detection/

About Constella:

Read full press release – https://www.prweb.com/releases/constella-intelligence-unveils-advanced-know-your-business-solution-revolutionizing-external-identity-risk-management-302178322.html

Constella Introduces Advanced Know Your Employee (KYE) Solution, Redefining Internal Identity Risk Management

Rachel Hamasaki on June 4, 2024

Groundbreaking Advanced KYE Solution Empowers Organizations to Uncover Synthetic and Fake Identities and Manage Internal Identity Risks with Precision and Confidence

[LOS ALTOS, Calif., June 4, 2024] – In response to the urgent need for advanced internal identity risk and threat management, Constella Intelligence (“Constella”) proudly announced its groundbreaking Advanced Know Your Employee (KYE) solution. In an era marked by complex remote work arrangements and sophisticated cybercrime and fraud, Constella’s innovative solution promises unparalleled visibility into internal risks and threats, setting a new standard for safeguarding organizations.

Harnessing the Power of AI and 1 Trillion Identity Assets

Constella’s Advanced KYE solution revolutionizes internal vetting and verification by combining it’s cutting-edge ID Fusion AI profiling engine with the world’s most extensive data lake comprising over 1 trillion recaptured assets sourced from the surface, deep, and dark web. With this groundbreaking solution, organizations can now identify synthetic identities and other internal identity risks with unprecedented accuracy and depth.

“In the wake of escalating cyber threats and the rapid shift to remote work, Constella’s Advanced KYE solution emerges as a critical response to the heightened demand for robust internal identity risk management,” said Chris Kissel, IDC Research Vice President, Security & Trust. “Constella’s innovative approach promises a new level of visibility into internal threats in an age where data security is paramount, helping to fortify organizational resilience and ensuring peace of mind for stakeholders at every level.”

Designed to empower organizations with proactive risk mitigation strategies, Constella’s Advanced KYE solution offers unmatched capabilities:

Insider Monitoring: Identify and address potential threats arising from fraudulent or criminal activity through continuous, comprehensive scanning.
Contractor and Portfolio Monitoring: Safeguard investments and supply chain integrity with ongoing insights into contractor activities.
Fraudulent Employee Provisioning: Enhance traditional background checks by uncovering potential risk factors inaccessible through public and credit data alone.

Unrivaled Detection Capabilities

For the financial sector and other industries where regulatory compliance and data security are paramount, Constella’s Advanced KYE solution delivers critical advantages:

Synthetic and Fake Identity Detection: Leveraging Constella’s proprietary ID Fusion engine, uncover synthetic and fake identities crafted to deceive and exploit organizations.

Insider Threat Digital Monitoring: Detect and mitigate risky activities perpetrated by millions of digital fraudsters, including hackers, information sellers, and money launderers.

“Constella’s Advanced KYE represents a paradigm shift in internal identity risk management,” said Kevin Senator, CEO at Constella. “Amid today’s complex and ever-evolving cyber threat landscape, Constella remains committed to equipping organizations with the cutting-edge tools they need to fortify their digital assets and combat internal threats with precision and confidence.”

Constella’s Advanced KYE solution provides actionable data insights, including Synthetic & Fake Identity Scoring and Malicious Risk Scoring, enabling informed decision-making and proactive risk mitigation strategies.

To learn more about Constella’s innovative Advanced KYE solution, visit: https://constella.ai/advanced-know-your-employee-kye-solution/

About Constella:

Full press release – https://www.prweb.com/releases/constella-introduces-advanced-know-your-employee-kye-solution-redefining-internal-identity-risk-management-302162989.html

Constella Intelligence Enhances Identity Protection in Email Sector Through New Market Focus

constella on April 23, 2024

Constella Intelligence, a global leader in digital identity and account takeover solutions, announced its strategic initiative to expand consumer identity protection and account takeover features within the crucial sector of email services. This move marks a significant expansion in Constella’s approach to safeguarding digital identities and data, aiming to address the growing threats in this foundational online service. This collaboration with Proton, a leading secure email and VPN provider, exemplifies this new market opportunity, Constella emphasizes its broader commitment to transforming the market with its advanced technology and intelligence capabilities.

Constella’s decision to intensify its focus on this sector is rooted in recognizing email services as critical to the security of consumers’ digital identity and personal data. In an era of sophisticated cyber threats, protecting email is paramount to ensuring overall digital safety and integrity.

Market Opportunity and Enhanced Security Strategy

Kevin Senator, CEO of Constella Intelligence, expressed enthusiasm about the company’s strategic focus: “As we delve into the email market, our mission transcends individual partnerships. We are driven by the opportunity to enhance consumer security in these essential services fundamentally. Leveraging our proprietary data collection, verification, and enrichment capabilities, Constella is setting new standards for digital online safety and protection.”

Eamonn Maguire, Head of Anti-Abuse and Account Security at Proton, said, “The dark web is rife with leaked information, data and credential dumps, all of which are commonly traded and pose significant risks to people – from identity fraud, to account takeovers and reputation damage. Automated early warning can help users stay vigilant and mitigate worse side effects such as identity theft.”

The collaboration with Proton introduces this commitment to the market, integrating Constella’s threat intelligence to fortify Proton’s defenses against credential leaks. Constella’s ambition is to broadly implement its technologies across the email landscape, significantly reducing the risk of cyber threats for all users.

Key Benefits of Constella’s Market Focus

Proactive Protection: Through enhanced dark web monitoring, Constella aims to offer users preemptive security measures against account compromises.

Immediate Threat Alerts: Users benefit from timely notifications about compromised credentials, facilitating quick defensive actions.

Financial Loss Prevention: Early detection of threats aids in preventing the financial repercussions associated with cyber-crimes such as identity theft and fraud.

About Constella Intelligence

Constella.ai is the global leader in AI-driven identity risk and deep and dark web intelligence for such applications as identity theft, insider risk, Know Your Customer (KYC), and deep OSINT investigations. With the world’s largest breach database, containing over one trillion data attributes in 125+ countries and over 53 languages, Constella empowers leading organizations across the globe to monitor and secure critical data through unparalleled visibility and actionable insights. Ready for a secure future? Reach out to Constella today and stay one step ahead of digital threats.

About Proton

Proton was started in Switzerland in 2014 by scientists who met at the European Organization for Nuclear Research (CERN). Proton’s vision is to build an internet where privacy is the default through an ecosystem of services accessible to everyone, everywhere, every day. Proton’s first product, Proton Mail, is now the world’s largest encrypted email service. Subsequent Proton products such as Proton VPN, Proton Calendar, and Proton Drive leverage the same advanced encryption to give users full control over how and with whom their data is shared. Proton’s products are open source, developed by a team of over 400, and supported by an active community in more than 180 countries. Today, Proton is making privacy universally accessible with over 100 million sign ups, including journalists, some of the world’s largest organizations, and people around the world.

Constella and Social Links Join Forces to Deliver Transformative OSINT Solutions

Laura Bruck on March 25, 2024

March 25, 2024 [1] — Social Links, a leading developer of open-source intelligence (OSINT) software, has announced a strategic partnership with Constella Intelligence, a prominent identity signals provider. This collaboration marks a milestone in the investigative reach of both Social Links’ solutions and the OSINT industry at large.

Social Links has always understood the crucial role that darknet data plays in increasing the reach and scope of investigative work. By integrating Constella Intelligence’s leading-edge identity intelligence with a powerful OSINT platform, users will be able to conduct investigations that search wider and deeper. This will lead to more insights and leads, higher levels of success, and, most importantly, contribute to digital and global safety.

Social Links CEO, Ivan Shkvarun, reiterated the transformative potential this partnership brings. “We’ve always strived to provide our users with the most comprehensive, accurate, and up-to-date data. And our new collaboration with Constella Intelligence shows that we are really expanding horizons and giving investigators, prosecutors, and security professionals the invaluable edge they need to resolve their cases.”

As prominent specialists in digital risk protection and providers of data from diverse sources, Constella Intelligence brings immense expertise and advanced technologies to the partnership. Their specialized techniques and tools to extract data from the Deep and Dark Web can deliver the data that case breakthroughs are made of.

Constella Intelligence’s available resources include data that can’t be found through Surface Web domains. Used responsibly, such information can be instrumental in investigative work, case-building and evidence collection, as well as a range of cybersecurity objectives, such as exposure identification or incident response.

Constella Intelligence CEO, Kevin Senator expressed enthusiasm for the partnership’s potential to drive significant innovation in the field of intelligence software: “The innovative, forward-thinking solutions of Social Links are the perfect counterpart to our mission to deliver the most complete, reliable data possible. This synergy has the potential to bring something truly groundbreaking to the OSINT landscape, revolutionize investigative work, and make the world a safer place.”

About Social Links

Social Links is a leading open-source intelligence (OSINT) provider, bringing together data from 500+ sources covering social media, messengers, blockchains, and the Dark Web. The company’s ML-powered solutions facilitate data-driven investigations for law enforcement, national security, cybersecurity, due diligence, and more.

About Constella Intelligence

Constella.ai offers comprehensive identity protection solutions that leverage deep and dark web intelligence to provide actionable insights. Our solution integrates seamlessly with existing security systems and prioritizes data security through compliance with industry standards. With the world’s largest breach database, containing over Trillion data attributes and 200 billion Identity records in 125+ countries and over 53 languages, Constella sets the standard in data depth and security. Our expertise in OSINT investigations provides critical insights into digital footprints, offering a decisive edge in protecting and securing your data. Ready for a secure future? Reach out to Constella today and stay one step ahead of digital threats.

Placeholder.

Constella Intelligence Launches Brand Protection Module in Dome Platform, Provides Critical Threat Detection for Brands and Their Customers

The Constella Team on September 29, 2022

LOS ALTOS, Calif., Sept. 29, 2022 /PRNewswire/ — Constella Intelligence (“Constella”), a global leader in Cyber and Physical Risk Protection, today announced the launch of Brand Protection, a new module in the Dome platform that provides critical visibility into the digital and physical threats that target an organization and its customers. Dome Brand Protection follows the release of Executive Protection and Employee Protection last year.

Constella’s Dome Brand Protection module has the unique ability to monitor and identify a range of brand- and customer-related threats emerging from external sources and potential insider activity, including: malicious domains that launch phishing attacks or market counterfeit products; data breaches and account takeovers facilitated by exposed credentials and personally identifiable information (PII); social media impersonations used to spread disinformation, defraud customers or link to phishing campaigns; and dark web activity, such as selling or weaponizing stolen information, planning physical attacks against employees and facilities or recruiting insiders to divulge an organization’s sensitive data and provide access to internal systems.

“We are incredibly pleased to introduce Brand Protection and further expand the protective capabilities of our Dome platform,” said Kailash Ambwani, CEO of Constella. “The threats brands face today are increasingly diverse, spanning the cyber and physical spheres with the power to disrupt business operations. Given the challenges organizations face to keep up with evolving threats and the growing need to protect valuable assets, Dome Brand Protection will be crucial to our partners looking to safeguard their brand reputation and their customers through proactive threat monitoring, detection, assessment and response.”

Existing threat detection and OSINT collection techniques are largely siloed, manual and slow because security teams lack the adequate resources and technology to proactively detect critical threats to individuals and the brand itself. This trend is partly owed to disjointed teams, the use of generic tools engineered for marketing or legal teams rather than security departments and a lack of sufficient staff to monitor, detect and mitigate brand-targeted threats. Organizations too often respond to threats after the damage is done to their brands or customers—Brand Protection fills these blind spots by leveraging the Constella Dome platform that provides a high degree of automation and customizable threat models across multiple use cases, thus delivering highly accurate, real-time alerts and accelerating the response process.

“Cybercriminals are more sophisticated now than ever before, making brand protection a top priority for security professionals of all industries and locations,” said Dr. Ed Amoroso, founder and CEO of TAG InfoSphere. “Throughout my time in the cybersecurity sector, I’ve learned that no brand is too small or too private to suffer a targeted attack, and I believe unified, real-time monitoring and detection technologies will only become more essential from this point on.”

The consequences of targeted brand attacks go far beyond financial losses, as organizations also face reputational damage, diminished trust, stolen intellectual property and risks to employee health and safety. These damages can take years to remedy, and some brands never fully recover. Brand Protection bolsters the chances of mitigation, allowing CISOs, CSOs, legal teams and other security professionals to pinpoint emerging risks long before they become full-fledged attacks.

Press Release

Global Companies Face Increased Threats of Violence Amid Geopolitical and Social Unrest, New Constella Survey Reveals

The Constella Team on September 13, 2022

Nearly 50% of companies surveyed report increased physical security threats and incidents over the last year

LOS ALTOS, Calif., Sept. 13, 2022 /PRNewswire/ — A recent survey conducted by Constella Intelligence and commissioned by ASIS International revealed that organizations are confronting a staggering increase in threats against employees, executives and physical locations. Amid tensions exacerbated by political, social and economic issues, cyber-physical threats constitute considerable vulnerabilities for organizations. Reported risks included increased threats against physical facilities, co-workers and activism-related threats against business practices, while top security priorities included protecting organizations from disgruntled employees or customers, active shooter incidents and travel risks for executives. Despite these risks, nearly 61% of organizations surveyed said they do not proactively monitor the dark web for early indicators of emerging threats. Current practices are widely reactive as most organizations only respond to threats after they arise.

The report showcases the perspectives of more than 300 security professionals within the ASIS community at companies spanning 19 industries and five regions. Organizations surveyed range from 50 to more than 50,000 employees.

Constella Intelligence today presented four key insights from the survey at the 2022 Global Security Exchange (GSX), including: (1) Companies are facing increased physical security threats which are tied to the convergence of digital and physical risk, (2) physical security and cybersecurity teams are siloed, rarely operating within the same department and interacting infrequently, (3) open source and deep and dark web monitoring for early threat indicators are lagging and (4) social, economic and geopolitical unrest is tightening corporate governance.

Of the organizations surveyed, Constella and ASIS found that only about 1 in 10 (11%) have integrated cybersecurity and physical security teams into one unified department, and an alarming 52% of physical security teams don’t frequently interact with their cyber counterparts.

“As digital activity and physical events continue to converge, we must consider how to protect organizations and their employees from cyber-physical risks effectively,” said Constella’s Director of Risk Intelligence, Jonathan Nelson. “To ensure a holistic picture of targeted, hybrid security threats, cyber and physical teams need to transcend antiquated paradigms of ‘digital vs. physical,’ fostering deeper cross-functional engagement and leveraging unified tools to monitor the surface, deep and dark web for early threat signals.”

Through their joint analysis, Constella and ASIS identified a widespread need for deeper integration between cyber and physical security teams, as most respondents indicated their organizations would be better equipped to avoid crises if these functions were better aligned and could leverage a single unified platform to monitor potential threats. These responses evidence the relevance of comprehensive digital sphere monitoring capabilities—including coverage of the deep and dark web—to identify and mitigate emerging hybrid threats.

“I have witnessed several significant changes in the security sector since I began my editorial career nearly 30 years ago,” said Teresa Anderson, Vice President of Editorial Services at ASIS. “The most fascinating part is seeing how organizations evolve to meet new needs and overcome more advanced obstacles. The increasing convergence of digital and physical risk undoubtedly presents new opportunities for cybersecurity and digital security professionals to work in tandem, perhaps for the first time in their organization’s history.”

Key findings from the survey include:

Almost 50% of respondents said that the number of physical security threats and incidents at their company has increased compared with last year.
- 51% reported an increase in threats against a physical location.
- 43% reported an increase in threats against co-workers.
- 42% reported an increase in activism-related threats against business practices. Almost 30% reported an increase in threats against their senior executives.
62% of respondents ranked dangerous threats from former employees or disgruntled customers as their top security concern.
Physical and cybersecurity teams are siloed, as only 11% said that they are integrated into a single department; 40% said that incidents or threats could have been handled better if physical and cybersecurity teams were more tightly integrated.
61% of companies do not leverage a unified platform that proactively monitors the social and dark web for emerging threats, even though 70% agree that their company would be better equipped to avoid a crisis if they had one.

Among U.S. companies, 76% ranked preventing an active shooter event at one of their locations as their top security priority. The need for security advancements is widely recognized, as every respondent reported organizational plans to invest in at least one security system or activity in the next year. Security professionals can expect to see greater spending on threat assessment training, real-time monitoring and threat reporting, integrated digital and physical security practices and services from intelligence analysts or experts.

Read the full 2022 Survey Report on Managing Increased Cyber-Physical Security Threats in a Hyper-Connected World here.

Press Release

Constella Intelligence and Telefónica Tech Announce Partnership

Laura Bruck on June 8, 2022

Constella Intelligence and Telefónica Tech Announce Partnership to Increase Digital Protection for Customers

PRESS RELEASE

Both companies announced at the RSA Conference 2022 that they will combine Constella’s data lake with Telefónica Tech’s Cloud, Cybersecurity and Artificial Intelligence services to offer consumers and small and medium-sized businesses the highest level of protection against digital threats.

Los Altos (Calif, EEUU) y Madrid (Spain), 08 June 2022 — Today, Telefónica Tech, Telefónica’s digital business unit, and Constella Intelligence, a leader in digital risk protection and identity threat intelligence, announce within RSA Conference a strategic partnership that will combine Constella’s extensive data lake with Telefonica Tech’s cloud, cyber security and AI services. This collaboration offers Telefónica Tech customers enhanced digital threat protection to consumers and small and medium enterprises (SMEs), in the wake of increased cyberattacks and data breaches resulting from increased exposure and a rapidly transforming digital ecosystem.

Telefónica Tech and Constella take another step forward in their robust relationship and will work together to deliver integrated cyber security support and identity and threat protection, among other services. Telefónica Tech customers will be able to benefit from this alliance, unlocking new capabilities to dive deeper into personal data and identity protection and cyber security.

Constella’s technology will enable unmatched coverage, threat anticipation, and protection through its industry-leading data lake–powered by the most extensive curated breach data collection and social analytics reach on the planet, consisting of over 131 billion attributes and 66 billion compromised identity records spanning 125 countries and 53 languages.

Telefónica Tech’s ability to provide customised cyber security services worldwide will enable it to build and deliver solutions that incorporate early warning of data theft on the internet as part of its protection value proposition. This is a further step in Telefónica Tech’s goal to strengthen its cybersecurity portfolio with “360” protection capabilities covering its customers’ devices, data and identities.

Constella’s most recent research shows how consumers, employees, executives, and brands are at increased risk of cyber hostilities—with new insights highlighting that the price of fraudulent credentials sold in dark marketplaces increased 100% year over year. Meanwhile, 78% of executives at companies within the Dow Jones index have fallen victim to data breaches and cyber infiltration.

A Telefónica study also indicates a growing interest among consumers and the self-employed in identity protection services, with more than 75% of consumers and the self-employed finding them of interest.

“At Telefónica Tech we are one step ahead by offering a unique cybersecurity and cloud value proposition because we understand that there is no digitalisation without cyber security. The alliance with Constella reinforces our security capabilities to offer the highest level of protection to companies, thanks to the knowledge that the integration of their data lake in our technologies will provide us, says María Jesús Almazor, CEO of Cybersecurity and Cloud at Telefónica Tech.

“Our digital world is rapidly changing. We are currently witnessing a profound convergence of individual, business, and geopolitical risk in the face of global crises,” said Constella Intelligence CEO, Kailash Ambwani. “Constella’s partnership with Telefónica Tech will multiply our capabilities and innovation as we confront the emerging challenges of our era.”

Watch the announcement video.

ABOUT CONSTELLA INTELLIGENCE

Constella Intelligence is a global leader in Digital Risk Protection, safeguarding 30M+ global users at some of the world’s largest organizations, including 5 of the top 10 U.S. banks. Our solutions are a unique combination of proprietary data, technology, and human expertise to anticipate, identify, and remediate targeted threats to your people, your brand, and your assets at scale—powered by the most extensive breach and social data collection on the planet from the surface, deep and dark web, with over 131 billion attributes and 66 billion compromised identity records spanning 125 countries and 53 languages.

ABOUT TELEFONICA TECK

Telefónica Tech is the leading company in digital transformation. The company has a wide range of services and integrated technological solutions for Cybersecurity, Cloud, IoT, Big Data, or Blockchain. For more information, please visit: https://telefonicatech.com/

Constella Intelligence’s 2022 Identity Breach Report Highlights Converging Risks to Consumers, Businesses, and the Public Sector Amidst Increased Attacks on Critical Infrastructure

The Constella Team on April 28, 2022

More than 66,000 breaches and nearly 42 billion exposed consumer and employee records were detected circulating in dark markets in 2021, with critical infrastructure providers suffering 1 in every 3 cyber attacks

LOS ALTOS, Calif., April 28, 2022 /PRNewswire/ — Today, Constella Intelligence (“Constella”), a leader in digital risk protection and identity threat intelligence, released its 2022 Identity Breach Report — a comprehensive annual report that examines risks to consumers, employees, companies, and institutions stemming from breached data, along with threat actors’ activities on the surface, deep and dark web.

The report, titled “Exposed Data and the Convergence of Consumer, Business and Geopolitical Risk” leverages Constella’s industry-leading data lake of over 45 billion curated identity records spanning 125 countries and 53 languages to deliver insights on identity-based vulnerabilities.

The convergence of individual, corporate, and geopolitical risk is covered in depth by Constella’s threat intelligence team. Importantly, as geopolitical confrontation intensifies, private individuals and organizations will be targeted in cyberattacks and face new dimensions of identity-based, reputational, disinformation-driven, and even physical risk.

“Risks to individuals, businesses and the public sector are converging,” said Constella Intelligence CEO, Kailash Ambwani. “Individuals—as consumers, employees, and executives—are targeted for their sensitive personal data, which powers an increasingly commodified threat economy where personal information is transacted and then weaponized.”

Key findings from the report include:

More than 66,000 breaches and nearly 42 billion exposed records of consumers and employees were detected circulating in dark markets in 2021.
Critical infrastructure providers like healthcare, financial services, telecom and utilities were significantly impacted by data breaches in 2021, suffering 1 in every 3 breaches analyzed.
Constella’s threat intelligence team identified more than 11 million exposed personal records from 13,000 third-party breaches of the 30 public companies that comprise the Dow Jones Industrial Average.
- Out of a sample of more than 120 executives from these companies, 78% had their corporate credentials exposed in a breach since 2018.
The average price of personal consumer documentation circulating in dark markets—including credit cards, passports, and IDs—saw a 100% year over year increase.

Of interest, Constella also identified several groups involved in the Ukraine/Russia conflict deploying DDoS, defacement, malware, and ransomware attacks against business and government targets. These attacks frequently exploit individuals (consumers and employees) as a principal vector of entry into critical networks.

“During times of conflict, threat actors increasingly target critical infrastructure and essential services,” said Alex Romero, COO and co-founder of Constella Intelligence. “Consequently, the availability of sensitive personal data empowers threat actors to launch cyberattacks against companies, institutions, and networks by targeting affiliated individuals and exploiting vulnerabilities at an individual level.”

Constella’s research and analysis details how cybercriminals exploit personally identifiable information (PII) to execute a host of attacks and illustrates how identity-based attacks like fraud, impersonation, or phishing exploit individuals and underpin risks like malware, ransomware, or coordinated disinformation attacks.

To download the full Constella 2022 Identity Breach Report click here.

Press Release