A new report from a cybersecurity firm suggests that the vast majority of businesses are dealing with stolen passwords and hacked accounts on a regular basis.

Sophos, a well-known name in online security, asked 5,000 IT bosses across 17 countries about their experiences. The findings, released in early 2026, show that 71 out of every 100 companies faced at least one incident where someone’s identity was compromised in the last twelve months. On average, each business went through three such events.

Some firms got hit hard. Around 5% said they had 6 or more breaches.

The study found a strong link between stolen logins and ransomware, the type of attack where hackers lock up files and demand payment. Among those who fell victim to ransomware, 67% said the whole thing started with identity theft.

Fixing the damage does not come cheap. The average bill for recovery stood at $1.64 million. Half of the affected companies paid $750,000 or more. And nearly three quarters, 73%, spent at least $250,000.

When researchers asked companies about the main fallout from these breaches, here is what they heard. Data theft topped the list at 49%. Ransomware came next at 48%. Financial theft followed closely at 47%.

One of the biggest takeaways from the report is that many organizations are not keeping a close eye on who is trying to log in. Only 24% monitor for unusual login attempts all the time. More than half wait three months or longer between checks.

That lack of vigilance has consequences. Around 14% of businesses that got hacked could not catch their most serious identity attack before damage had already been done. Smaller companies with between 100 and 250 workers were nearly twice as likely to miss the attack compared to medium-sized ones.

Certain industries are having a tougher time. Energy companies, along with oil, gas, and utilities, reported the highest breach rate at 80%. Federal and central government agencies followed at 78%.

The report also found that firms finding compliance rules very difficult had a breach rate of 82.4%. That is noticeably higher than the 68.3% rate for those who found compliance easier to handle.

Source: Sophos
