Report: There Are Nearly 66 Billion Stolen Identity Records on Criminal Forums

KnowBe4 Team | Mar 30, 2026

Researchers at SpyCloud warn that the number of stolen identity records on criminal forums rose to 65.7 billion in 2025, a 23% increase from the previous year.

“Phishing, malware, third-party breaches, and combo lists feed vast volumes of identity data into the industrialized criminal ecosystem,” the researchers write.

“The risk extends beyond compromise – it fuels costly attacks at scale. With so much exposed data in circulation, attackers can continuously piece assets together and use them to gain initial access across applications and systems to power follow-on attacks.”

Phishing is still the most common technique used to gain access or steal credentials, with many of these attacks succeeding against enterprise targets.

“Phishing remains the top-cited risk by security teams – and it’s also the most-abused entry point for ransomware attacks,” SpyCloud says.

“The most recent data supports the evidence that phishing is being used to target enterprises – probably with a higher success rate than you’d think. It’s handing cybercriminals the keys to the kingdom, for enterprises and consumers alike. Nearly half of all phished identities are corporate, and some kits have an even higher proportion of corporate victims, underscoring that enterprise controls are not stopping this threat.”

These threats are driven by phishing-as-a-service (PhaaS) platforms that allow unskilled threat actors to launch sophisticated, targeted attacks.

“By commercializing the phishing process – complete with fake website designs, MFA-bypass capabilities, and even victim-vetting mechanisms with pre-built email templates – these platforms have democratized access to advanced attack tactics, flooding the threat landscape with a wave of new, low-skilled actors capable of executing enterprise-grade attacks. Layered on top of AI-driven personalization and infostealer malware that feeds criminals richer targeting data, PhaaS has made phishing the dominant initial access vector for ransomware and account takeover. It’s the starting point for more damage.”

SpyCloud has the story.
