Written by Ran Geva, CEO at Webz.io & Lunarcyber.com
In 2026, stolen credentials are a top-tier security priority. They are also a paradox: even though they are considered a significant risk, enterprises still opt for checkbox solutions and generic tools to mitigate the problem.
According to a recent survey commissioned by Lunar, a dark-web monitoring platform powered by Webz.io, 85% of organizations rank stolen credentials as a high or very high risk, with 62% saying they are in their top-three security priorities.
At the same time, I’ve spoken with dozens of organizations using Lunar’s community platform, who have told me things like, “we have MFA everywhere, so we’re covered”, and “our EDR and zero-trust stack already protects our employees.”
They fail to realize that EDR and zero-trust measures offer no protection when an employee logs into a critical SaaS service from an unmanaged home device.
The consequences of failing to detect stolen credentials in time can be catastrophic. According to IBM’s Cost of a Data Breach Report, a breach involving compromised credentials costs between $4.81 million and $4.88 million.
Considering that Lunar observed 4.17 billion compromised credentials in 2025 alone, the potential global cost of these attacks is staggering. All of this means that simple breach monitoring is no longer enough.
An enterprise mindset shift is needed to create a programmatic defense strategy that tackles the ever-evolving threat of infostealers.
Checkbox Monitoring and The Dangers of Using Generic Solutions
When speaking with organizations, I always ask how they mitigated the infostealer threat before onboarding Lunar. The answers I get follow the same pattern: Exposed credentials are a serious problem and we dedicated resources to solutions to mitigate the threat.