A large share of UK employees have sold their corporate credentials over the past year, according to Cifas. The non-profit fraud prevention service’s Workplace Fraud Trends report is based on responses from 2,000 UK employees in companies with 1,000+ staff and found that 13% admitted selling their logins in the past 12 months. The same 13% said they believed the act was justifiable, with higher figures among senior managers (32%), directors (36%), C-suite executives (43%) and business owners (81%).
The Growing Insider Threat section notes that malicious incidents accounted for 27% ($4.7m) of insider-risk losses last year, according to DTEX, while a 2025 Socura/Flare report revealed 460,000 compromised credentials belonging to employees at FTSE 100 firms circulating on cybercrime sites. Other findings include 347 million compromised credentials on 3.9 million compromised machines, part of an estimated 2.9 billion tracked globally in 2025. These trends underline how the pipeline of compromised credentials challenges defenders.