Skip to main content

Kaspersky finds leaked Netflix, Roblox and Discord accounts registered on corporate emails

6 May 2025

Employees may also use corporate emails to register for personal accounts on marketplaces and social media, increasing the risk of account theft and corporate security breaches, according to a study by Kaspersky Digital Footprint Intelligence. Kaspersky shares these findings and suggests key cybersecurity practices to mitigate the risks of credential leaks.

Kaspersky experts analysed compromised credentials leaked on the dark web between 2019 and 2024 for three popular entertainment platforms: Roblox, Discord and Netflix. The analysis revealed that, on average, 7% of users whose accounts were leaked had registered on these platforms using a corporate email address.

“Registering on various services for personal use with a work email is not best practice. First, you may lose access to these accounts if you change jobs. Second, it can pose security risks for both you and your company. If your passwords follow a predictable pattern across different services – for example, ‘Word2025!’, where ‘2025’ is a recurring part – it increases the likelihood of other accounts being compromised, including your work account, should your corporate email be exposed in a dark web leak," explains Sergey Shcherbel, expert at Kaspersky Digital Footprint Intelligence.

Kaspersky experts also found that bank employees most commonly registered their work email addresses on streaming services, marketplaces and social networks. In a few cases, corporate emails were also used as logins on gaming platforms and adult content websites.

Corporate email usage on entertainment platforms_statistics from a sample of 50 banking sector companies

Corporate email usage on entertainment platforms: statistics from a sample of 50 banking sector companies.

To conduct this study, experts compiled a sample of 50 banking sector companies and examined compromised credentials leaked on the dark web, identifying those linked to the corporate domains of these companies across five categories of popular platforms.

If you encounter a data leak through infostealers, the following steps should be taken immediately:

  • Change compromised account passwords and monitor for suspicious activity associated with those accounts.
  • Run full security scans on all devices, removing any detected malware.
  • Companies are recommended to monitor dark web markets proactively to detect compromised accounts before they pose risks to customers or employees. A detailed guide on setting up monitoring can be found here. Leverage Kaspersky Digital Footprint Intelligence to track what cybercriminals know about your company’s assets, identify potential attack vectors, and implement protective measures in a timely manner.
  • As an enterprise, implement a security awareness program for employees, including regular training and performance assessments. Enforce a strict password policy for all corporate resources to reduce the risks of encountering credential-related cyber threats.

Learn more in the report.

Kaspersky finds leaked Netflix, Roblox and Discord accounts registered on corporate emails

Employees may also use corporate emails to register for personal accounts on marketplaces and social media, increasing the risk of account theft and corporate security breaches, according to a study by Kaspersky Digital Footprint Intelligence. Kaspersky shares these findings and suggests key cybersecurity practices to mitigate the risks of credential leaks.
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases