SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies
Key Facts
- SpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enterprise organizations as artificial intelligence […] The post SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
- SpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enterprise organizations as artificial intelligence and phishing-as-a-service (PhaaS) platforms enable threat actors to launch highly effective campaigns at scale.
- New Story SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Story's Credibility About Author The world's leading cybersecurity press release distribution platform.
- Based on a survey of security professionals at organizations with more than 1,000 employees, SpyCloud found that 78% of organizations experienced an increase in phishing volume over the past 12 months, while 84% say AI-generated phishing attacks are becoming more prevalent or harder to defend against.
- SpyCloud researchers observed that approximately half of its recaptured PhaaS platform-sourced records are tied to enterprise identities, compared to just 11% of malware-sourced records.
- This trend is reinforced by SpyCloud’s analysis of kits such as Tycoon 2FA, where approximately 80% of captured credentials belonged to corporate email accounts.
- While prevention remains important, organizations also need visibility into exactly what was exposed and be able to remediate before attackers can turn those exposures into follow-on attacks like ransomware, account takeover, session hijacking, or fraud.” Phishing’s Impact on Enterprises Continues to Grow The report combines survey findings with SpyCloud’s analysis of active phishing campaigns and PhaaS infrastructure, revealing a clear and deliberate focus on enterprise targets.
- Security teams should prioritize automated remediation workflows capable of revoking compromised access at scale and reducing the window of opportunity available to attackers.” Backed by the world’s largest repository of darknet data, SpyCloud recaptures phished credentials, session cookies, refresh tokens, and phishing targeting data directly from criminal infrastructure and active phishing campaigns, enabling organizations to identify compromised identities and automatically remediate exposures before they can be used for ransomware, account takeover, session hijacking, fraud, or other identity-based attacks.
- Austin, TX, USA, June 17th, 2026, CyberNewswire New SpyCloud research highlights the expansion of phishing attacks as AI and phishing-as-a-service fuel enterprise targeting.
- Additional SpyCloud analysis found: Phishing attacks exposed employee data at 86% of Fortune 100 companies over the last 12 months.
SpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enterprise organizations as artificial intelligence […] The post SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. SpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enterprise organizations as artificial intelligence and phishing-as-a-service (PhaaS) platforms enable threat actors to launch highly effective campaigns at scale.
The Criminal Operation
New Story SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Story’s Credibility About Author The world’s leading cybersecurity press release distribution platform.
Further details indicate that based on a survey of security professionals at organizations with more than 1,000 employees, SpyCloud found that 78% of organizations experienced an increase in phishing volume over the past 12 months, while 84% say AI-generated phishing attacks are becoming more prevalent or harder to defend against.
SpyCloud researchers observed that approximately half of its recaptured PhaaS platform-sourced records are tied to enterprise identities, compared to just 11% of malware-sourced records.
This trend is reinforced by SpyCloud’s analysis of kits such as Tycoon 2FA, where approximately 80% of captured credentials belonged to corporate email accounts.
Victims & Losses
The findings suggest that while organizations recognize the growing threat posed by phishing, many remain unprepared to respond once an attack succeeds. Only 38% of organizations are very confident they can detect and respond to credential theft within 24 hours. 42% struggle to remediate exposed users at scale.
While prevention remains important, organizations also need visibility into exactly what was exposed and be able to remediate before attackers can turn those exposures into follow-on attacks like ransomware, account takeover, session hijacking, or fraud.” Phishing’s Impact on Enterprises Continues to Grow The report combines survey findings with SpyCloud’s analysis of active phishing campaigns and PhaaS infrastructure, revealing a clear and deliberate focus on enterprise targets.
Security teams should prioritize automated remediation workflows capable of revoking compromised access at scale and reducing the window of opportunity available to attackers.” Backed by the world’s largest repository of darknet data, SpyCloud recaptures phished credentials, session cookies, refresh tokens, and phishing targeting data directly from criminal infrastructure and active phishing campaigns, enabling organizations to identify compromised identities and automatically remediate exposures before they can be used for ransomware, account takeover, session hijacking, fraud, or other identity-based attacks.
Additional SpyCloud analysis found: Phishing attacks exposed employee data at 86% of Fortune 100 companies over the last 12 months.
Protection Steps
-
42% struggle to remediate exposed users at scale.
-
68% require 4 hours or longer to identify and remediate confirmed phishing-related exposures.
-
- 42% struggle to remediate exposed users at scale.
-
- 68% require 4 hours or longer to identify and remediate confirmed phishing-related exposures.
Analysis
Misconfigurations and patching gaps in cloud environments remain a persistent vector for unauthorized access.
SecurityXP delivers daily cybersecurity news, vulnerability analysis, data breach reports, and threat intelligence.
Security Digest
Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.
Related Articles
Ex-school district employee jailed for hacks on former employer Cybercrime
Potter is also required to pay $59,668.81 in restitution to the Saydel Community School District and its insurer, Travelers Casualty and Surety Company, for...
CybercrimeCloudflare proudly joins the UK government's Cyber Resilience Pledge Cybercrime
This trend is consistent with broader data from the UK Cyber Security Breaches Survey, which revealed that 43% of surveyed British businesses and 28% of...
CybercrimeScattered Spider Hackers Plead Guilty on Day 1 of Trial Cybercrime
According to the NCA, the cyberattack at TfL forced all 28,000 employees to visit their local offices to reset their passwords and caused £29 million...
CybercrimeNancy Guthrie Case Reframed by Crypto Firm's "Wrench Attack" Label as Police Confirm Motive Pending
In it, CertiK described Nancy Guthrie's kidnapping as part of a "$6 million bitcoin ransom demand" and tied it to what the company called "the documented...