According to Security Week’s recent article, “Stolen Logins Are Fueling Everything from Ransomware to Nation-State Cyberattacks,” cybersecurity firm Ontinue’s 2H 2025 Threat Intelligence Report, showcases that “Attackers aren’t breaking in anymore, they’re logging in.”
According to Ontinue’s Report, in the second half of 2025, “identity became the primary attack surface.” This means that users were providing legitimate logins to attackers, giving them access to systems undetected by cybersecurity measures implemented by the organization. Once in, they are nearly impossible to detect, and can move throughout the system, and access data in the same manner as the legitimate user. As a result, they can access intellectual property, personal information, proprietary information, and sensitive information over long periods of time.
The tip this week is: do not give your username or login to anyone. We are seeing an increase in security incidents caused by legitimate email accounts that were compromised when a user unknowingly gave their username and password to a bad actor being used to induce contacts of the individual and then persuade them into providing their credentials as well. That means that the bad actor not only has full access to the original compromised account, but then can identify their next victim and so on and so on.
Credential theft is now the primary way bad actors are attacking companies. Be wary of any request for your username and password and protect them fiercely.