How To Detect and Protect Against An Email Password Leak

February 15, 2022

Has my email and password been leaked?

This is a question you don’t want to be asking yourself, but it’s unfortunately a common occurrence. Email password leaks are some of the most frequent and dangerous cyberattacks. While they don’t do damage on their own, they reveal sensitive data that can be used to fuel bigger and much more devastating cybercrimes.

If you’re a large organization, how do you effectively protect your employees’ passwords from being leaked? You need a framework that includes strong password processes and an effective email security provider.

Email Password Leaks are Increasingly Common

Data leaks and breaches happen frequently. News stories on leaks involving millions of passwords seem to pop up a few times a year. RockYou2021 is a recent example, where an anonymous forum user leaked 8.4 billion passwords. Verizon’s 2021 data breach report identified over 5,000 data breaches in 2020 alone, a substantial increase from the year before.

The Verizon report also found that 8 out of 10 data breaches were due to stolen passwords. This is exactly what happened with the New York City Law Department. In 2021, a single stolen password allowed a hacker to breach the department’s database. As a result, the perpetrators gained access to incredibly sensitive information, such as medical records, police misconducts, the identity of young criminals, and thousands of employee records.

With the high frequency of data breaches and the ability to compromise an entire database with a single account, detecting and preventing password leaks is vital.

Has Your Email Password Leaked?

If you suspect your password was leaked, there are two quick ways to check.

First, use a compromised credential checking service. This is a feature now included in many password managers, browser extensions, and operating systems. If you use Google Chrome, for example, the browser will alert you if any saved usernames and passwords have been compromised in a data breach.

Second, there are free data breach search websites you can use to see if any of your personal data was compromised. These sites track and archive data breach dumps.

You might be surprised to find several of your accounts associated with a breach, some of which you’ve likely forgotten about. And if you use similar usernames and passwords across several accounts, one leaked password could put several accounts at risk.

Types of Password Leaks

A password leak, database breach, or any other password-based cyberattack is very dangerous. It can look legitimate when done right and it often appears that the attacker was using valid credentials to gain access. But how did the attacker gain access to the password leaks and compromised credentials? Here are the most common ways:

  • Phishing: One of the most common and relatively effective ways of getting someone’s username or password. Credential phishing involves tricking a person into divulging confidential information. Often, the attacker impersonates a legitimate agency or company to make him seem more trustworthy to the victim.

  • Brute force: An attacker uses trial and error to run through all the possible password combinations to gain access to an account. Brute force is the least sophisticated and, therefore, slowest method.

  • Keyloggers: An attacker infects a user’s computer with malware that tracks everything they type and input online, including login credentials.

  • Man in the middle (MITM) attacks: A cybercriminal can compromise a router or unsecured network to intercept communications between people–including sensitive information like passwords.

Notable Password Breaches and Leaks

There have been numerous data breaches and leaks over the years. Here are some notable ones where passwords or security questions were compromised.

  • Yahoo: The company has fallen victim to large-scale data breaches several times, most notably in 2013 and 2014. About 3 billion user accounts and their security questions and answers were impacted, making it the largest known data breach. Yahoo alleges that the breaches were caused by state-sponsored actors, though some researchers doubt the claim.

  • MySpace: A Russian hacker compromised 360 million MySpace accounts, including names, usernames, and birthdays in 2013. MySpace invalidated passwords for any accounts started before that year.

  • NetEase: In 2015, the email addresses and plaintext passwords of about 230 million NetEase users were breached.

  • Adobe: Adobe saw 153 million plaintext account passwords and hints breached in 2013.

  • Evite: 101 million Evite users had their email addresses and plaintext passwords breached in 2013.

While data breaches are still quite frequent, large-scale plaintext password dumps are thankfully less common, especially today. Companies and organizations are generally better about encrypting passwords and sensitive data after several embarrassing instances of leaks and breaches.

How to Protect Your Database From an Email Password Leak

Protecting your organization from a leaked password database exposed by attackers is crucial–a single password leak can lead to a large-scale data breach. One individual compromised account is enough for cybercriminals to enter a secure network. You need a strong email protection framework with the following features.


One of the best defenses you have against email password leaks is encryption. It’ll jumble database records from plaintext into unintelligible text. Even if an attacker breaches your database, they won’t be able to use the data. The only way to reverse it is to know the decryption key, which only you have.

Strict password standards

Don’t rely on passwords alone. Require multiple layers of authentication in case your users’ login credentials get compromised. Use multi-factor authentication (MFA) or biometrics, for example, to ensure that a password leak isn’t enough to log in to an account. It’s also good management practice to require employees to change their passwords regularly.

Email security solution

You need a protocol in place that can quickly detect and respond to account compromise from a password leak. This is where Abnormal Security comes in. Our email security solution can detect if a login has been made suspiciously (such as an unusual location or IP address), even with the right credentials.

When an unauthorized login is confirmed, we automatically block the account in question and log it out of all active sessions. This helps prevent further attacks from the compromised account. Similarly, we can also detect if a vendor’s account has been compromised. Third-party account compromise is a common avenue for phishing attacks.

To learn more about how Abnormal stops email password leaks, request a demo of the platform today.


Prevent the Attacks That Matter Most

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Posts

B 05 11 22 Scaling Out Redis
As we’ve scaled our customer base, the size of our datasets has also grown. With our rapid expansion, we were on track to hit the data storage limit of our Redis server in two months, so we needed to figure out a way to scale beyond this—and fast!
Read More
B 05 17 22 Impersonation Attack
See how threat actors used a single mailbox compromise and spoofed domains to subtly impersonate individuals and businesses to coerce victims to pay fraudulent vendor invoices.
Read More
B 05 14 22 Best Workplace
We are over the moon to announce Abnormal has been named one of Inc. Magazine's Best Workplaces of 2022! Learn more about our commitment to our workforce.
Read More
B 05 13 22 Spring Product Release
This quarter, the team at Abnormal launched new features to improve lateral attack detection, role-based access control (RBAC), and explainable AI. Take a deep dive into all of the latest product enhancements.
Read More
B 05 11 22 Champion Finalist
Abnormal has been selected as a Security Customer Champion finalist in the Microsoft Security Excellence Awards! Here’s a look at why.
Read More
Blog series c cover
When we raised our Series B funding 18 months ago, I promised our customers greater value, more capabilities, and better customer support. We’ve delivered on each of those promises and as we receive an even larger investment, I’m excited about how we can continue to further deliver on each of them.
Read More
B 05 09 22 Partner Community
It’s an honor to be named one of CRN’s 2022 Women of the Channel. Here’s why I appreciate the award and what I love about being a Channel Account Manager at Abnormal.
Read More
B 05 05 22 Fast Facts
Watch this short video to learn current trends and key issues in cloud email security, including how to protect your organization against modern threats.
Read More
B 05 03 22
Like all threats in the cyber threat landscape, ransomware will continue to evolve over time. This post builds on our prior research and looks at the changes we observed in the ransomware threat landscape in the first quarter of 2022.
Read More
B 04 28 22 8 Key Differences
At Abnormal, we pride ourselves on our excellent machine learning engineering team. Here are some patterns we use to distinguish between effective and ineffective ML engineers.
Read More
B 04 26 22 Webinar Re Replacing Your SEG
Learn how Microsoft 365 and Abnormal work together to provide comprehensive defense-in-depth protection in part two of our webinar recap.
Read More
Blog mitigate threats cover
Learn about the most common socially-engineered attacks and why these tactics are still so successful—despite a growing awareness from employees.
Read More