How To Detect and Protect Against An Email Password Leak

February 15, 2022

Has my email and password been leaked?

This is a question you don’t want to be asking yourself, but it’s unfortunately a common occurrence. Email password leaks are some of the most frequent and dangerous cyberattacks. While they don’t do damage on their own, they reveal sensitive data that can be used to fuel bigger and much more devastating cybercrimes.

If you’re a large organization, how do you effectively protect your employees’ passwords from being leaked? You need a framework that includes strong password processes and an effective email security provider.

Email Password Leaks are Increasingly Common

Data leaks and breaches happen frequently. News stories on leaks involving millions of passwords seem to pop up a few times a year. RockYou2021 is a recent example, where an anonymous forum user leaked 8.4 billion passwords. Verizon’s 2021 data breach report identified over 5,000 data breaches in 2020 alone, a substantial increase from the year before.

The Verizon report also found that 8 out of 10 data breaches were due to stolen passwords. This is exactly what happened with the New York City Law Department. In 2021, a single stolen password allowed a hacker to breach the department’s database. As a result, the perpetrators gained access to incredibly sensitive information, such as medical records, police misconducts, the identity of young criminals, and thousands of employee records.

With the high frequency of data breaches and the ability to compromise an entire database with a single account, detecting and preventing password leaks is vital.

Has Your Email Password Leaked?

If you suspect your password was leaked, there are two quick ways to check.

First, use a compromised credential checking service. This is a feature now included in many password managers, browser extensions, and operating systems. If you use Google Chrome, for example, the browser will alert you if any saved usernames and passwords have been compromised in a data breach.

Second, there are free data breach search websites you can use to see if any of your personal data was compromised. These sites track and archive data breach dumps.

You might be surprised to find several of your accounts associated with a breach, some of which you’ve likely forgotten about. And if you use similar usernames and passwords across several accounts, one leaked password could put several accounts at risk.

Types of Password Leaks

A password leak, database breach, or any other password-based cyberattack is very dangerous. It can look legitimate when done right and it often appears that the attacker was using valid credentials to gain access. But how did the attacker gain access to the password leaks and compromised credentials? Here are the most common ways:

  • Phishing: One of the most common and relatively effective ways of getting someone’s username or password. Credential phishing involves tricking a person into divulging confidential information. Often, the attacker impersonates a legitimate agency or company to make him seem more trustworthy to the victim.

  • Brute force: An attacker uses trial and error to run through all the possible password combinations to gain access to an account. Brute force is the least sophisticated and, therefore, slowest method.

  • Keyloggers: An attacker infects a user’s computer with malware that tracks everything they type and input online, including login credentials.

  • Man in the middle (MITM) attacks: A cybercriminal can compromise a router or unsecured network to intercept communications between people–including sensitive information like passwords.

Notable Password Breaches and Leaks

There have been numerous data breaches and leaks over the years. Here are some notable ones where passwords or security questions were compromised.

  • Yahoo: The company has fallen victim to large-scale data breaches several times, most notably in 2013 and 2014. About 3 billion user accounts and their security questions and answers were impacted, making it the largest known data breach. Yahoo alleges that the breaches were caused by state-sponsored actors, though some researchers doubt the claim.

  • MySpace: A Russian hacker compromised 360 million MySpace accounts, including names, usernames, and birthdays in 2013. MySpace invalidated passwords for any accounts started before that year.

  • NetEase: In 2015, the email addresses and plaintext passwords of about 230 million NetEase users were breached.

  • Adobe: Adobe saw 153 million plaintext account passwords and hints breached in 2013.

  • Evite: 101 million Evite users had their email addresses and plaintext passwords breached in 2013.

While data breaches are still quite frequent, large-scale plaintext password dumps are thankfully less common, especially today. Companies and organizations are generally better about encrypting passwords and sensitive data after several embarrassing instances of leaks and breaches.

How to Protect Your Database From an Email Password Leak

Protecting your organization from a leaked password database exposed by attackers is crucial–a single password leak can lead to a large-scale data breach. One individual compromised account is enough for cybercriminals to enter a secure network. You need a strong email protection framework with the following features.


One of the best defenses you have against email password leaks is encryption. It’ll jumble database records from plaintext into unintelligible text. Even if an attacker breaches your database, they won’t be able to use the data. The only way to reverse it is to know the decryption key, which only you have.

Strict password standards

Don’t rely on passwords alone. Require multiple layers of authentication in case your users’ login credentials get compromised. Use multi-factor authentication (MFA) or biometrics, for example, to ensure that a password leak isn’t enough to log in to an account. It’s also good management practice to require employees to change their passwords regularly.

Email security solution

You need a protocol in place that can quickly detect and respond to account compromise from a password leak. This is where Abnormal Security comes in. Our email security solution can detect if a login has been made suspiciously (such as an unusual location or IP address), even with the right credentials.

When an unauthorized login is confirmed, we automatically block the account in question and log it out of all active sessions. This helps prevent further attacks from the compromised account. Similarly, we can also detect if a vendor’s account has been compromised. Third-party account compromise is a common avenue for phishing attacks.

To learn more about how Abnormal stops email password leaks, request a demo of the platform today.


Prevent the Attacks That Matter Most

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Posts

B 5 Crucial Tips
Retailers are a popular target for threat actors due to their wealth of customer data and availability of funds. Here are 5 cybersecurity tips to help retailers reduce their risk of attack.
Read More
B 3 Essential Elements
Legacy approaches to managing unwanted mail are neither practical nor scalable. Learn the 3 essential elements of modern, effective graymail management.
Read More
B Back to School
Discover how threat group Chiffon Herring leverages impersonation and spoofed email addresses to divert paychecks to mule accounts.
Read More
B 09 06 22 Rearchitecting a System Blog
We recently shared a look at how the Abnormal engineering team overhauled our Unwanted Mail service architecture to accommodate our rapid growth. Today, we’re diving into how the team migrated traffic to the new architecture—with zero downtime.
Read More
B Industry Leading CIS Os
Stay up to date on the latest cybersecurity trends, industry news, and best practices by following these 12 innovative and influential thought leaders on social media.
Read More
B Podcast Engineering 11 08 24 22
In episode 11 of Abnormal Engineering Stories, David Hagar, Director of Engineering and Abnormal Head of UK Engineering, continues his conversation with Zehan Wang, co-founder of Magic Pony.
Read More
B Overhauled Architecture Blog 08 29 22
As our customer base has expanded, so has the volume of emails our system processes. Here’s how we overcame scaling challenges with one service in particular.
Read More
B Winning Back Productivity
Limiting time-wasting email messages makes employees more productive. Here’s how innovative organizations are addressing the challenge.
Read More
B Account Takeover Blog 08 22 22
Learn how threat actors execute account takeovers, how they exploit compromised accounts, and what you can do to reduce your risk.
Read More