Last year saw a 429% increase in the number of corporate login details with plaintext passwords exposed on the dark web. Even valuable organizations may even see their login details auctioned off for as much as $120,000. A single employee’s credentials can be enough for a threat actor to wreak havoc across an entire organization. Even companies that are supposed to be on the front line of cyber defense are overexposed to this threat vector. The average employee is likely to reuse the same password about 13 times, 29% of stolen passwords are weak.
Source: https://www.helpnetsecurity.com/2021/07/27/dark-web-corporate-credentials/