
A recent study by Kaspersky Digital Footprint Intelligence has highlighted a growing cybersecurity concern: employees registering for personal accounts on platforms like Netflix, Roblox, and Discord using their corporate email addresses. This practice increases the risk of account theft and of security breaches within their organizations.
The research revealed that using corporate credentials for entertainment and social media services is not only risky for employees but also exposes entire organizations to cybersecurity threats. Kaspersky is urging companies to implement preventative measures and has outlined best practices to mitigate the consequences of such data leaks.
This concerning behavior was uncovered through an analysis of compromised credentials discovered on the dark web, emphasizing the potential for these breaches to cause both financial and reputational damage to businesses.

Analysis of Dark Web Credential Leaks from 2019 to 2024
Kaspersky experts analyzed leaked user credentials that were compromised and sold or published on the dark web between 2019 and 2024. The focus was on three widely used entertainment platforms: Roblox, Discord, and Netflix. The analysis showed that, on average, 7% of the compromised accounts had been registered using a corporate email address.
According to Sergey Shcherbel, an expert at Kaspersky Digital Footprint Intelligence, using corporate emails for personal purposes is a violation of security best practices. He warned that such behavior creates vulnerability for both individuals and their employers.
“Registering personal accounts with your work email is not recommended,” Shcherbel explained. “Not only might you lose access to those accounts if you leave your job, but it could also create an entry point for cybercriminals into your corporate systems.”
Predictable Password Patterns Compound the Risk
Shcherbel also noted the additional danger posed when employees use repetitive or predictable password patterns. For example, passwords like “Word2025!” that contain easily guessed recurring elements could allow attackers to gain access to multiple accounts once a single breach occurs.
When corporate emails are compromised in a data leak, hackers can cross-reference those addresses with leaked password databases to attempt entry into more sensitive accounts, including work-related platforms and services.
This raises major concerns about how employees manage their digital credentials and the need for companies to monitor digital threats beyond their internal networks.
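The following is an added example, not code from Kaspersky's study: a password-change check that flags a new corporate password when it repeats, or only re-decorates, a password already leaked for the same address. The record layout, function names and sample data are constructed assumptions.

```python
import re

_SUFFIX = re.compile(r"[\d\W_]+$")   # trailing years, counters, symbols
_PREFIX = re.compile(r"^[\d\W_]+")   # leading digits and symbols
_LEET = str.maketrans("@$013457", "asoieast")  # fold common substitutions

def base_word(password):
    """Reduce a password to the part users tend to keep between rotations."""
    core = _PREFIX.sub("", _SUFFIX.sub("", password))
    return core.lower().translate(_LEET)

def audit_change(email, new_password, leaked_records, min_base=4):
    """Return (service, reason) for each leaked password of this address
    that the new password repeats or only decorates differently."""
    base = base_word(new_password)
    findings = []
    for leaked_email, service, leaked_pw in leaked_records:
        if leaked_email.lower() != email.lower():
            continue  # only compare against this user's own leaked entries
        if leaked_pw == new_password:
            findings.append((service, "exact"))
        elif len(base) >= min_base and base_word(leaked_pw) == base:
            findings.append((service, "same-base"))
    return findings

# Constructed sample of a leak feed filtered to one corporate domain
# (hypothetical addresses, services and passwords).
LEAKED = [
    ("j.doe@example-bank.test", "streaming-service", "Word2024!"),
    ("j.doe@example-bank.test", "chat-platform", "w0rd#2023"),
    ("a.lee@example-bank.test", "game-platform", "Tr0ub4dor&3"),
]

if __name__ == "__main__":
    for pw in ("Word2025!", "correct-horse-battery-7"):
        print(pw, audit_change("J.Doe@example-bank.test", pw, LEAKED))
```

The check runs at password-change time, when the new password is available in cleartext, so nothing beyond the existing leak feed has to be stored.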
Banking Sector Employees Most Frequently Affected
Kaspersky’s analysis revealed that banking sector employees are among the most frequent users of corporate emails on platforms like streaming services, marketplaces, and social media. In some isolated cases, corporate emails were even found registered on gaming platforms and adult content websites, raising serious ethical and security concerns.
To conduct this research, Kaspersky examined a sample of 50 banking organizations, reviewing compromised credentials associated with their corporate domains. The credentials were found across five platform categories that include entertainment, e-commerce, social networks, and more.
The findings suggest that even highly regulated industries are not immune to lapses in cybersecurity behavior among employees.
Kaspersky Launches Awareness Platform for Infostealer Threats
In response to the growing threat of infostealer malware, Kaspersky has launched a dedicated landing page designed to raise awareness and offer guidance on how to protect against such attacks. The platform includes resources, toolkits, and preventive strategies for organizations of all sizes.
The company urges enterprises to be proactive in protecting their assets and credentials from being exploited by cybercriminals operating in underground networks.
Kaspersky emphasized that security is no longer limited to endpoint protection but must include employee behavior, credential hygiene, and real-time threat monitoring across the dark web.
Immediate Actions Recommended for Data Leak Incidents
If an individual or organization experiences a data leak through infostealer malware, Kaspersky recommends the following steps:
- Change all compromised account passwords and closely monitor those accounts for unusual activity.
- Run full security scans on all connected devices and immediately remove any detected malware or suspicious files.
- Proactively monitor dark web markets to detect if any corporate credentials are being traded or posted before they become a liability.
These steps should be followed without delay to prevent further damage and protect sensitive data.
Implementing Training, Monitoring, and Password Policies
Kaspersky encourages organizations to leverage its Digital Footprint Intelligence service, which helps companies understand what cybercriminals know about their digital assets, identify potential entry points, and apply appropriate defenses.
In addition, Kaspersky strongly recommends implementing a comprehensive security awareness program for employees. This includes regular cybersecurity training sessions, performance evaluations, and internal communication on best practices.
Lastly, companies should enforce strict corporate password policies, ensuring that staff use complex, unique passwords and never reuse credentials across platforms—minimizing the risk of cascading breaches caused by a single compromised account.






