Verizon’s Data Breach Investigations Report (DBIR) found that 95 percent of breaches involve the exploitation of stolen credentials. Many recent high-profile breaches can be traced back to stolen passwords, either from third-party vendors or from corporate employees.