Skip to content
Techzine Global
  • Home
  • Topstories
  • Topics
    • Analytics
    • Applications
    • Collaboration
    • Data Management
    • Devices
    • Devops
    • Infrastructure
    • Privacy & Compliance
    • Security
  • Insights
    • All Insights
    • Agentic AI
    • Analytics
    • Cloud ERP
    • Generative AI
    • IT in Retail
    • NIS2
    • RSAC 2025 Conference
    • Security Platforms
    • SentinelOne
  • More
    • Become a partner
    • About us
    • Contact us
    • Terms and conditions
    • Privacy Policy
  • Techzine Global
  • Techzine Netherlands
  • Techzine Belgium
  • Techzine TV
  • ICTMagazine Netherlands
  • ICTMagazine Belgium
Techzine » News » Security » ’15 billion credentials are sold on the dark web’
2 min Security

’15 billion credentials are sold on the dark web’

Jouri AltorfJuly 10, 2020 3:19 pmJuly 10, 2020
’15 billion credentials are sold on the dark web’

Credentials of 15 billion accounts are being sold on the dark web, according to research by Digital Shadows. The price ranges from under ten euros for access to streaming websites to about 100.000 euros for access to large companies.

The research ‘From Exposure to Takeover: The 15 billion stolen credentials allowing account takeover‘ was the result of an eighteen-month study by security researchers from Digital Shadows. The team eventually found 15 billion credentials that had been obtained through 100.000 data breaches, of which 5 billion were unique.

The research also revealed that the number of stolen usernames and passwords in circulation has increased by 300 percent since the last research was conducted in 2018. The log-in data of customers turned out to be the most common with an average selling price of 13.62 euros. Credentials for financial institutions such as banks were the most valuable with an average selling price of 62.59 euros. Of all the advertisements on the dark web, 25 percent belongs to this category.

08.07-image-5

Access to antivirus programs also proved popular with an average price of 19.13 euros, but access to media streaming sites, social media, file sharing, and VPNs was sold for less than ten euros.

Access to large companies

Credentials for essential business systems of large (and smaller) companies are also traded on the dark web, but prices are much higher. These credentials are sold at an auction to the highest bidder and researchers at Digital Shadows came across figures ranging from 441 euros to 106.000 euros with an average of 2770 euros.

A new noteworthy development is that of the ‘account takeover-as-a-service’ where criminals can rent the login details of an account for a certain period of time, often for less than 10 euros.

Digital Shadows finds the number of available login details shocking. “Some of these exposed accounts can (or do have access to) incredibly sensitive information. Details uncovered by one breach can be re-used to compromise accounts used elsewhere.”

Tip: Why cybercriminals use forums and the dark web on a large scale

Tags:

account takeover / credential / Dark web / data breach / Login

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Stay tuned, subscribe!

Nieuwsbrieven*

Related

Dutch telco refuses to pay ransom, hackers to publish customer data

Data breach involving 16 billion credentials is not what it seems

Bots now generate majority web traffic

Cloud credentials leaked in plaintext inside popular apps

Editor picks

Workday is well prepared for the EU AI Act, who will follow?

Many organizations are facing a challenging deadline on August 2. The...

How AI could drive cyber investigation tools from niche to core stack

Rather like quantum computing, the rise of all tiers of AI has given ...

Security by Design prevents higher bills

Those who build in security only after the fact pay up to fifteen tim...

ASUS ZenScreen OLED MQ16FC review: high-fidelity mobility

The ASUS ZenScreen OLED MQ16FC is geared towards professionals on the...

Techzine.tv

Why only 25% of teams are ready for the Cyber Resilience Act

Why only 25% of teams are ready for the Cyber Resilience Act
Cisco doubled down on compute for the AI and edge era

Cisco doubled down on compute for the AI and edge era
NetApp balances sovereignty with AI infrastructure needs

NetApp balances sovereignty with AI infrastructure needs
How Ansible becomes the execution layer for agentic AI

How Ansible becomes the execution layer for agentic AI

Read more on Security

Security by Design prevents higher bills
Top story

Security by Design prevents higher bills

Those who build in security only after the fact pay up to fifteen times the original cost. That’s why a str...

Berry Zwets 16 hours ago
AI agents on GitHub leak API keys via prompt injection

AI agents on GitHub leak API keys via prompt injection

Three popular AI agents on GitHub Actions are vulnerable to so-called "Comment and Control" attacks. These ar...

Erik van Klinken 9 hours ago
NTT Research wants to accelerate innovation with Scale Academy: SaltGrain is the first result
Top story

NTT Research wants to accelerate innovation with Scale Academy: SaltGrain is the first result

Attribute-based encryption at the data layer

Sander Almekinders 1 day ago
NIST updates NVD: not every CVE will be scrutinized

NIST updates NVD: not every CVE will be scrutinized

The number of vulnerabilities is becoming unmanageable. The U.S. security authority NIST is therefore updatin...

Erik van Klinken 6 hours ago

Expert Talks

Anthropic’s Mythos preview: why the human layer matters more, not less

Anthropic’s Mythos preview: why the human layer matters more, not less

Anthropic has announced Anthropic’s Mythos Preview, a frontier mode...

Why SAST is growing in importance in the age of AI-generated source code

Why SAST is growing in importance in the age of AI-generated source code

Vibe coding is rising astonishingly quickly, but even developers who ...

Infosecurity Europe announces first wave of keynote speakers for 2026

Infosecurity Europe, the most influential information security event...

Better connected business technology is essential for prosperity in the Netherlands 

According to PwC, the Netherlands ranks fourth in Europe for producin...

Tech calendar

Southeast Asia AI Application Summit 2026
April 23, 2026 Bangkok

SAS Innovate 2026
April 27, 2026 Grapevine

Team '26
May 5, 2026 Anaheim

Knowledge 26
May 5, 2026 Las Vegas

GISEC GLOBAL 2026
May 5, 2026 DUBAI

Red Hat Summit
May 11, 2026 Atlanta

Whitepapers

Experience Synology’s latest enterprise backup solution

Experience Synology’s latest enterprise backup solution

How do you ensure your company data is both secure and quickly recove...

How to choose the right Enterprise Linux platform?

How to choose the right Enterprise Linux platform?

"A Buyer's Guide to Enterprise Linux" comprehensively analyzes the mo...

Enhance your data protection strategy for 2025

The Data Protection Guide 2025 explores the essential strategies and...

Strengthen your cybersecurity with DNS best practices

The white paper "DNS Best Practices" by Infoblox presents essential g...

Techzine Global

Techzine focusses on IT professionals and business decision makers by publishing the latest IT news and background stories. The goal is to help IT professionals get acquainted with new innovative products and services, but also to offer in-depth information to help them understand products and services better.

Follow us

Twitter
LinkedIn
YouTube

© 2026 Dolphin Publications B.V.
All rights reserved.

Techzine Service

  • Become a partner
  • Advertising
  • About Us
  • Contact
  • Terms & Conditions
  • Privacy Statement