myNetWatchman Launches the Travel Credential Abuse Index

The First Industry Benchmark on Cyber Threats Targeting Global Travel Brands

Savannah, GA, October 21, 2025 — myNetWatchman today announced the release of the Travel Credential Abuse Index (TCAI) Report, a first-of-its-kind benchmark tracking credential-based cyberattacks across airlines, hotels, online travel agencies (OTAs), and car rental companies. The report delivers unprecedented visibility into how credential abuse has evolved over the past two years, revealing that while overall attack volumes fluctuate, the sophistication and persistence of threat actors continue to rise.

Drawing on activity across more than 85 travel platforms and billions of login attempts, the TCAI captures  real-world fraud behavior across sectors. The findings reveal  that credential abuse in travel has not declined, it has adapted. Attackers continue to exploit stolen credentials, MFA bypass tools, and both human and supply chain vulnerabilities. High-attack periods frequently correlate  with major data breaches such as the Otelier hotel software breach in 2024 and the coordinated Scattered Spider airline campaigns in mid-2025.

“Credential abuse represents one of the most persistent and underestimated risks to digital travel. Our goal with the TCAI is to give the industry a data-driven view of this evolving threat, and the tools to fight back.” said David Montague, CEO, myNetWatchman

The TCAI highlights that attackers are increasingly ROI-driven, shifting focus among travel sectors as defenses tighten. Airlines and OTAs face  the most sustained surges. Despite widespread adoption of multi-factor authentication, the report warns that MFA alone is not enough. Travel companies must also implement compromised credential screening, advanced bot detection, and synthetic identity prevention.

The research underscores the growing need for proactive threat intelligence and continuous monitoring. “Credential abuse is not a one-time event; it’s an evolving ecosystem,” added Montague. “Without layered detection and identity verification, even the strongest authentication systems can be undermined.”

The Travel Credential Abuse Index Report (October 2025) is available for download at www.myNetWatchman.com/TCAI.

About myNetWatchman

myNetWatchman provides real-time intelligence and fraud prevention solutions to help organizations detect and stop credential abuse, account takeover, and synthetic identity fraud. Leveraging billions of behavioral and reputational signals across the internet, myNetWatchman helps global enterprises identify risk, reduce fraud losses, and protect customer trust.