50% of hands-on-keyboard incidents in 2024 used valid or exposed credentials for initial access.

January 1, 2025

50% of hands-on-keyboard incidents in 2024 used valid or exposed credentials for initial access. — This cybersecurity statistic was published by ReliaQuest in January 2025. The original data appears in Racing the Clock: Outpacing Accelerating Attacks. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 1/1/2025

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

50% of hands-on-keyboard incidents in 2024 used valid or exposed credentials for initial access. This data was published by ReliaQuest.

Where does this data come from?

This statistic comes from Racing the Clock: Outpacing Accelerating Attacks, published by ReliaQuest on January 1, 2025. You can view the original report at Racing the Clock: Outpacing Accelerating Attacks - ReliaQuest.

What cybersecurity topics does this cover?

This statistic was published by ReliaQuest. Browse more statistics from ReliaQuest.

CYBERSTATS

50% of hands-on-keyboard incidents in 2024 used valid or exposed credentials for initial access.

Source

Share or Copy this stat

Frequently Asked Questions

Want More Statistics Like This?

Related Statistics

44% of true-positive security alerts from cloud security tools in Q3 2025 were driven by identity-related weaknesses.

52% of all confirmed identity-based alerts were due to identity-related privilege escalation.

As of October 2025, there are over 14,700 Jenkins servers exposed to the internet that remain vulnerable to CVE-2024-23897.

33% of raw CSPM alerts were identity-related, contributing to the operational burden on security teams.

71% of critical vulnerability alerts in Q3 2025 originated from just four legacy CVEs.

99% of cloud identities were found to be over-privileged, creating significant security risks.

Stay Ahead of Cyber Threats