In a study of the Naz.API breach data myNetWatchman found that Companies using their compromised credential screening service were able to detect 94% of these compromised credentials earlier, in some cases years earlier, using myNetWatchman versus making use of the breach data when it became public.
When news broke about the 71 million user accounts that were compromised in the Naz.API data breach in September 2023 it provided a great comparative example between using vendors that make use of static data breach data once its public versus vendors that rely on real time credential monitoring, like myNetWatchman, for detection of compromised or at risk credentials (username and password). In the case of Naz.API the data set consisted of aggregated breach data from multiple breaches, so some would have been public in the past and some were likely not known. From the data we can see a large cluster from years in the past likely indicating they were pulled from a much older breach. if a company was relying on a vendor that uses static data breach data, the complete list of compromised credentials would not have been known before September 2023 as that was when it was discovered, and likely would not be available for several months after as attribution and legal processing for getting access to this data takes time. In contrast if a company was using myNetWatchman, a real time credential monitoring vendor, they would have had a higher likelihood of detecting it earlier as 94% of these compromised credentials were known to be compromised before the breach became public. Beyond the indication that the credentials were compromised, using myNetWatchman’s real time credential monitoring service would have also alerted on 5% of these creds that there was a successful access into an account by a bad actor.
Comments