chat
expand_more

Account Takeovers Exposed: Key Statistics You Need to Know

Account takeover allows threat actors to steal sign-in credentials and access an organization's network. Read some eye-popping stats about ATO cost and frequency.
November 28, 2023

Account takeovers (ATO) have become a significant concern for organizations of all sizes and industries. These attacks are an especially damaging form of identity theft and fraud in which a threat actor gains access to a user’s account credentials. This puts the organization at risk of leaking sensitive information and falling prey to fraudulent requests for financial transactions. To make matters worse, these attacks can go undetected for months.

ATOs can occur in various ways—through session hijacking due to authentication token theft or forgery, traditional phishing, social engineering, credential stuffing, or even SMS or voice phishing. In essence, these threats are enabled by a combination of advanced attack methods and weak security measures.

To shed light on the prevalence and impact of account takeovers, we’ll delve into the latest statistics surrounding this type of cyber threat. By understanding the scope of the problem, businesses can better prepare themselves to detect, prevent, and mitigate the risks associated with account takeovers.

1. Approximately 26% of Companies Are Targeted by Weekly ATO Attempts

Unfortunately, account takeovers have become increasingly common over the past year. A quarter of companies (26%) say they are targeted by an ATO attempt each week.

Thankfully, not every ATO attempt is successful. Many are stopped by keen-eyed security teams or stymied by sophisticated cybersecurity solutions. Due to the high frequency of these attacks, it’s important for organizations to prioritize stopping ATOs in their tracks.

2. It Takes an Average of 11 Months to Resolve a Breach Caused by Stolen Credentials

On average, it takes 11 months to resolve a breach caused by stolen credentials, according to the IBM 2023 Cost of a Data Breach Report. This includes 240 days to identify the breach and another 88 to contain and resolve it. That’s almost a year, and each day is another opportunity for the attacker to harm your organization.

One of the reasons for the long life of these attacks is that 67% of organizations are not detecting account compromise on their own, making it crucial for organizations to leverage third-party cybersecurity solutions to help address ATO.

3. Organizations with 50,000+ Employees Have a 60% Chance of a Successful ATO Each Week

Organizations with a large number of employees offer threat actors more surface area for attacks. In fact, companies with more than 50,000 employees have a 60% chance of a successful ATO each week.

Successful attackers can then burrow deeper into organizations through emails, third-party applications, sensitive files, and more based on their privileged status. And with such dispersed networks of remote workers or employees across multiple offices, it’s easy to miss potential warning signs.

4. Nearly 80% of Fortune 1000 Organizations Have at Least One Compromised Account

Even top-tier companies are susceptible to ATO. In fact, they may even be hot targets for threat actors who recognize the value and reputation of these organizations. Nearly 80% of Fortune 100 organizations have at least one compromised account, according to Abnormal data.

Executives and members of financial services organizations are obvious targets. But attackers will compromise any account they can in hopes of climbing the corporate ladder, so to speak, with additional attacks against other employees.

5. The Average Breach Caused by Stolen Credentials Costs Organizations $4.62M

In addition to the frequent and widespread occurrence of ATO, it also bears a hefty price tag. According to the aforementioned IBM report, the average breach caused by stolen credentials costs organizations $4.62 million. That’s a substantial hit to an organization’s wallet and potentially a fatal hit to some.

Defend Against ATO With a Sophisticated Security Solution

ATO attempts are frequent, costly, and difficult to detect, making them a top concern for organizations and security professionals.

Abnormal is an advanced security solution that detects compromised email accounts and unusual or malicious user behavior. By recreating the crime scene in detail, Abnormal provides security teams with conclusive evidence to take action. Better still, Abnormal proactively kicks attackers out of hijacked Microsoft 365 accounts and remediates emails sent from compromised accounts. With total visibility into internal-to-internal email traffic, Abnormal prevents lateral phishing attacks often associated with ATO.

In the same way that you can cancel credit cards or debit cards before a thief has the opportunity to use them, Abnormal helps security teams take proactive steps to stop ATO. Abnormal can even detect ATOs already hidden within your network, thereby providing full defenses for your organization.

Interested in learning more about account takeovers and how you can stay protected with Abnormal? Schedule a demo today!

Schedule a Demo
Account Takeovers Exposed: Key Statistics You Need to Know

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Manufacturing Industry Attack Trends Blog
New data shows a surge in advanced email attacks on manufacturing organizations. Explore our research on this alarming trend.
Read More
B Dropbox Open Enrollment Attack Blog
Discover how Dropbox was exploited in a sophisticated phishing attack that leveraged AiTM tactics to steal credentials during the open enrollment period.
Read More
B AISOC
Discover how AI is transforming security operation centers by reducing noise, enhancing clarity, and empowering analysts with enriched data for faster threat detection and response.
Read More
B Microsoft Blog
Explore the latest cybersecurity insights from Microsoft’s 2024 Digital Defense Report. Discover next-gen security strategies, AI-driven defenses, and critical approaches to counter evolving threats and safeguard your organization.
Read More
B Osterman Blog
Explore five key insights from Osterman Research on how AI-driven tools are revolutionizing defensive cybersecurity by enhancing threat detection, boosting security team efficiency, and countering sophisticated cyberattacks.
Read More
B AI Native Vendors
Explore how AI-native security like Abnormal fights back against AI-powered cyberattacks, protecting your organization from human-targeted threats.
Read More