Employees using work email to sign up for gaming and entertainment platforms may be putting their companies at risk. A new report from Kaspersky reveals that this practice is more common than expected and more dangerous.
According to the cybersecurity firm, 7% of leaked accounts from platforms like Discord, Roblox, and Netflix were registered using corporate emails. If these credentials are exposed in a data breach, attackers could use them to target company systems.
Infostealer malware is often behind these leaks. It hides in cracked games, cheat tools, and unofficial mods. Once installed, it collects passwords, credit card details, and other sensitive data. This stolen information is then sold or shared on the dark web.
Kaspersky warns that predictable passwords like “Word2025!” can be cracked in under an hour. If attackers gain access to a corporate email, they may try phishing, brute-force attacks, or malware installation on work devices.
The risk is higher in hybrid and bring-your-own-device (BYOD) setups, where personal and work activities often mix. Experts recommend regular password updates, avoiding reuse, and running security scans on all devices.
Also Read: Philippines ranks 2nd in Asia-Pacific for leaked Steam accounts
Companies should also monitor for leaked credentials and educate employees about safe online habits. A single compromised account could open the door to broader threats.
Featured image from Unsplash
