Dark web reveals tech companies leak most user data

As many as 716M user contacts — namely 554M email addresses and 162M phone numbers — collected by identifiable companies were leaked on the dark web in 2024. Technology, media, financial services, commerce, and healthcare are the top five industries responsible for the most leaked personal information

According to the data, around 4,800 databases containing sensitive information belonging to individuals were published on the dark web last year. 600 of them could be traced back to identifiable businesses. The largest pool — 135 databases — was associated with companies within the technology and IT services industry. They contained 207M email addresses and 71M phone numbers, that is, information that best identifies a user in a system and can be used for contacting them.

"Technology is one of the biggest industries worldwide, with many companies, employees, clients, and consequently, a vast pool of highly valuable digital assets and private data. Compromising a tech company can serve as an entry point to attack third parties — their partners and clients," says Vakaris Noreika, a cybersecurity expert at NordStellar. "Hackers usually target these companies for significant monetary gain or to exploit them as a playground to test their skills — successfully infiltrating complex cybersecurity infrastructures can elevate a hacker's status."

Media services ranked as the second biggest user information-leaking industry, with 150M emails and 11M phone numbers landing on the dark web.

"Cybercriminals usually target media companies in the act of 'hacktivism' — to push their ideological agenda in the press. In other cases, they exploit these businesses to tarnish an outlet's reputation and minimize their credibility. Instances of hacktivism soar during significant political events, so the 2024 U.S. elections could have contributed to the big numbers we're seeing," says Noreika. "Another sub-industry in media is advertising agencies, which when hacked serve as a gateway to strike other organizations these companies work with, as well as their clients — influencers and content creators. Social media platforms are also frequent targets — bad actors use stolen user profiles and contacts for scams."

Main tools and practices to prevent data breaches

Companies that experience a data breach should notify their clients immediately and advise them to prepare and remain vigilant for suspicious emails, calls, or alerts about breached accounts. However, to avert possible breaches, a reputable business should consider investing in the following cybersecurity measures:

• A firewall and an antivirus solution. A firewall acts as a barrier, blocking unauthorized access into or out of a network, while an antivirus solution identifies and removes infected files. Implementing them on every network and device minimizes the risk of accidentally downloading malware.
• A zero trust policy. The zero trust model uses strict user authentication and continuous validation, ensuring that non-authorized or compromised users and devices are denied access to the company's network.
• Data encryption. Strong encryption helps protect sensitive information by transforming it into an unreadable format. As a result, even if cybercriminals manage to steal the data, they won't be able to access it.
• Cybersecurity training for employees. The majority of cyberattacks happen due to user error. While mistakes are bound to happen, teaching employees to recognize and report phishing scams will decrease the likelihood of experiencing a data breach.
• Threat monitoring. If a data leak does occur, it's vital to deploy mitigation efforts as soon as possible, and the company should be the first to know about it. - Threat monitoring tools help identify emerging cyber risks and quickly respond if data of employees is compromised to prevent it from further exploitation.

Research methodology

Out of the total number of 4,800 databases containing personal data that were leaked on the dark web in 2024, 600 had identifiable domain names that could be linked to companies on LinkedIn. The companies were first categorized according to the industry names on their social network profiles and then into broader categories.