Human Error Exposed: Nearly 880k Leaked Credentials Tied to 50 Top Companies, Including AT&T, Verizon, Walmart, Uber, FedEx and More

A new analysis of 879,654 leaked credentials from 50 of the world’s largest companies reveals a growing shift in cyber risk from system-level breaches to large-scale exploitation of human vulnerabilities. The joint report by global open source intelligence vendor Social Links and threat intelligence provider ParanoidLab points to one clear takeaway: attackers are targeting people, not infrastructure.

Key Insights:

• Of the nearly 880,000 leaked records examined in Q2 2025, more than 263,000 were linked to corporate email domains, indicating direct employee exposure at major firms such as AT&T, BT Group, Verizon, Walmart, Uber, FedEx, UPS, SBI, and China Construction Bank.

• The remaining ~615,000 records were tied to consumer accounts, showing widespread leakage across user bases.

• Telecom companies faced the largest overall exposure with over 344,000 leaked credentials, driven by major breaches at AT&T, BT Group, and Verizon.

• Retail and e-commerce followed with ~145,000 leaked records, led by platforms like Walmart, Etsy, and Rakuten.

• The transportation sector saw 140,000+ leaks, particularly among ride-hailing and airline operators such as Uber and EasyJet.

• The delivery sector, including FedEx, UPS, and Uber Eats, accounted for over 100,000 leaked records.

• While banks showed lower total breach volumes (~86,000), institutions like SBI and China Construction Bank reported alarmingly poor password hygiene, compounding their risk.

• Only 26.5% of all exposed passwords met modern strength criteria. In some industries, over 9 in 10 internal credentials used weak or predictable combinations.

The report highlights how advancements in AI and automation have outpaced traditional security approaches. Attackers now deploy AI-assisted phishing and impersonation tools that exploit human behavior at scale, while organizations still rely on outdated credential management.

“The real shift is this: it’s no longer just machines being hacked, it’s your people,” said Ivan Shkvarun, CEO and Co-founder of Social Links. “Unless we redesign security around the individual, the scale of these breaches will only grow.”

The data surfaces a critical trend: cyber defences designed for infrastructure are failing in the age of people‑centric attacks. Even well‑resourced organisations remain vulnerable when employees or users reuse weak passwords or have deficient access controls. With threat actors leveraging AI and OSINT techniques, the visibility gap between attackers and defenders is widening, meaning security teams must shift from “protecting systems” to “protecting people”.

The authors emphasise that the future of enterprise security lies in digital risk protection — a more proactive, user‑centred model that monitors for credential exposure, enforces better access practices, and treats employees and customers as part of the defence line.