Senior woman looking horrified at computer monitor
(Credit: Westend61 / Getty Images)
Data breaches are becoming more common - and costly.
Data breaches are becoming more common – and costly.

The healthcare industry leads the list of most breached sectors with some of the weakest passwords out there, according to a recent study by proprietary password manager NordPass.

The research was conducted in partnership with independent researchers who analyzed more than 290 million data breaches worldwide. They grouped passwords according to job title and industry. Among many fields affected, healthcare, technology, finance, construction, hospitality, media and marketing were shown to have some of the weakest passwords and to experience the most security incidents.

“Apparently, this is as relevant to business owners, CEOs and other C-level executives as to regular internet users. Among both audiences, the most popular password remains ‘123456,’” according to a press release issued in conjunction with the study.

Data showed that the password “123456” was used more than 1.1 million times, with the password “password” used more than 700,000 times, coming in second. Research suggests that top-level executives also extensively use names or mythical creatures as an inspiration when creating passwords, according to NordPass. Among the most popular are “dragon” and “monkey.” The most widely chosen names used in passwords are “Tiffany,” “Charlie,” “Michael” and “Jordan.”

“It is unbelievable how similar we all think, and this research simply confirms that — what we might consider being very original, in fact, can place us in the list of most common,” stated Jonas Karklys, the CEO of NordPass. “Everyone from gamer teenagers to company owners are targets of cybercrimes, and the only difference is that business entities, as a rule, pay a higher price for their unawareness.”

The cost of security breaches is increasing, NordPass said. In 2021, the average global cost of a data breach was $4.24 million, which was 10% more than 2020, according to IBM. Compromised passwords account for 20% of all breaches.

Weak passwords aren’t the only culprit, NordPass said. Re-used passwords, risky password-sharing habits, phishing scams, human error and poor cybersecurity infrastructure also are largely to blame, according to the study.

To reduce the odds of falling prey to security breaches from weak passwords, NordPass suggests that companies: 

  • Deploy a password manager. Password managers allow people to store all of their passwords in end-to-end encrypted digital storage, locked with a single keyword for the most convenience. 
  • Introduce cybersecurity training. Start with the basics, given that people have differing technology backgrounds.
  • Enable multi-factor authentication for an extra layer of security.