Thirty percent of CEOs have used their company email address to register for a service that was later breached, exposing their password and other potentially valuable details, reveals a new report.
The finding comes from a study conducted by researchers at F-Secure, who checked known email addresses for over 200 CEOs at the biggest companies in 10 countries against a database of leaked credentials.
For CEOs at major tech companies, the percentage of exposed passwords grew to 63 percent, which is likely due to a higher adoption of online services.
According to the report, the top breached service that CEOs linked their company email address with was professional networking sit LinkedIn (53 percent), followed by the file sharing service Dropbox (18 percent).
Additionally, the report found that the majority of CEOs (81 percent) have had their personal information leaked – such as email address, phone number, address and birthdate – on spam lists and marketing databases.
When observing the results by country, CEOs in the UK, USA, Netherlands and France topped the list for having details leaked on spam and other lists. Meanwhile, Italy and Japan had the lowest numbers of CEOs appearing on such lists.
All in all, just 18 percent of CEO email addresses were not associated with any leak or hack.
“Our findings underscore the importance of using a unique, strong password for each online account,” read F-Secure’s report.
“The passwords hacked from these services are floating around on the internet, waiting to be wielded by attackers in targeting their victims. Re-using a password to log in to a work-related account that has also been used for a breached service is a scenario that could be potentially exploited by a motivated attacker
For additional key findings, read the full CEO Email Exposure: Passwords and Pwnage report here (PDF).