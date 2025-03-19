Flashpoint also reports that in a new trend this year, threat actors are increasingly targeting Russian organisations.

Threat actors compromised more than 3.2bn credentials in 2024 – a 33pc rise in numbers from the year before, according to a new report from cyberthreat intelligence platform Flashpoint.

Cybersecurity analysts identified 6,670 publicly reported data breaches last year, of which, more than 4,000 affected organisations in the US alone. This is followed by the UK at a distant second with 270 data breaches and Canada with 238.

These breaches were collectively responsible for exposing more than 16.8bn records, including personally identifiable information.

While the affected sectors were more or less equally distributed, the professional, scientific and technical services was attacked the highest at nearly 16pc and the public administration sector was affected the least at nearly 12pc.

Flashpoint’s findings suggest that around 75pc or 2.1bn of the stolen credentials were obtained via information-stealing malware, which has low overhead costs and is becoming increasingly simpler to access.

This has resulted in infostealers becoming a key method for ransomware and high-impact data breaches.

Once threat actors gain access, they use the stolen credentials to infiltrate organisational systems and installing ransomware or exfiltrate and sell private data, according to the report.

Flashpoint’s research also identified a 10pc increase in ransomware attacks across all sectors in 2024. In 2023 there was an 84pc rise in these malicious attacks.

While so far in this year, Flashpoint has already identified 924 data breaches worldwide, amounting to more than 2.18bn records. 66pc of these have affected US organisations.

Interestingly, Flashpoint also reports that threat actors are increasingly targeting Russia. “Traditionally, threat actors have avoided compromising Russian organisations, let alone the Russian government,” the report reads.

According to the report, the ongoing Russian war in Ukraine has “significantly impacted” the cyberthreat landscape, creating increasing divisions between Ukrainian and Russian threat groups, which has led to Russia becoming a new prime target.

Flashpoint says that cybersecurity teams have historically focused on vulnerabilities in an IT system that is rated high on the Common Vulnerability Scoring System (CVSS).

However, the intelligence start-up explains that too many vulnerabilities are rated extremely high on the scale, even if it is unwarranted. Prioritising a cyberthreat solely based on the CVSS will not result in timely and effective patching, it explains.

To counter this, Flashpoint advises organisations to leverage exploit intelligence and metadata to reduce their critical vulnerability workload by 83pc.

“We live in interesting times, where technology is both a blessing and a curse,” said Ian Gray, the VP of intelligence at Flashpoint.

“2025 is following a year of significant upheaval in the cybercrime landscape, marked by high-profile arrests, platform policy changes and the rise and fall of prominent threat actors.

“The solution is not a talisman but intelligence, preparedness and the foresight to recognise that curses might just be opportunities in disguise.”

Ransomware and artificial intelligence-led cyberattacks rank among the top threats organisations may face this year.

