ShadowMap

Dark Web Exposure for sap.com

Credentials, devices and data found in dark web stealer logs & breaches
83
Exposure level: Critical
sap.com scores 83/100 based on leaked credentials, compromised devices, and stolen financial & session data found on the dark web.
Most recent exposure 20 days ago Last 90 days +34% 2% reuse a top-10 password
Employee exposure
corporate accounts — @sap.com
8,047
leaked credentials · 793 compromised devices
Top exposed employee accounts
floyd.con***@sap.com288
evgenii.skrebt***@sap.com226
daniel.bi***@sap.com225
jose.maria.ca***@sap.com219
vishwas.***@sap.com179
Where staff accounts were caught
certauth.sts.global.corp.sap635
accounts.sap.com398
sts.global.corp.sap393
hanacloudservices-eu.accounts.ondemand.com298
login.microsoftonline.com215
Customer exposure
stolen logins for sap.com
166,040
leaked credentials · 1,559 compromised devices
Top exposed customer accounts
sulemankhalid***@gmail.com82
s002110557773
humairaaslam2***@gmail.com61
jayachandrau***@gmail.com59
kamal.merh***@hotmail.com58
Most targeted services
accounts.sap.com83,305
account.sap.com23,185
open.sap.com16,194
www.sap.com13,076
jobs.sap.com6,352
173,368
Exposed Credentials
1,592
Compromised Devices
0
Credit Cards
3
Crypto Wallets
1,278
Auth Tokens
1,842,405
Stolen Cookies

Exposure over time (credentials leaked per month)

2024-012026-05

Corporate SaaS & shadow-IT exposed (employee logins to third-party services)

SAP719
Zoom254
Microsoft 365221
LinkedIn65
Amazon/AWS44

Most common passwords 2% reuse a top-10 password

P@***12259
Ka***96257
12***o@222
Up***56214
Sa***8!173
Ab***34163
99***vV152
In***!!133
Pa***34131
Ka***id127

Stolen sessions (active cookies that can bypass MFA)

youtube.com59,137
google.com31,082
adnxs.com24,791
bing.com22,143
pubmatic.com20,709
criteo.com20,286

Compromised despite antivirus (AV installed on infected devices)

Windows Defender80
ESET Security4
360 Total Security2
AVG Antivirus1
Avast Antivirus1
Avira Security1

Financial, crypto & app tokens

Crypto wallets
metamask3
App / session tokens
Google1,162
Discord96
Telegram20

Where devices were compromised (by country)

Mexico [MX]21
Colombia [CO]16
Peru [PE]16
Argentina [AR]11
Ecuador [EC]9
Top cities
Bogotá7
Lima6
Buenos Aires4
Santa Cruz4
Santa Lucía4

Browsers & apps affected

Microsoft Edge (Default)232
Google Chrome (Default)198
Browser/Logins/Default_Default[148a5ade].txt48
Edge [Default]43
Google Chrome (Profile 2)40
Google Chrome (Profile 3)38

Stealer malware families seen

RedLine RisePro

Related companies

sbi.co.in securitybrigade.com sabic.eu sacec.in sadhugroup.com safexfire.com saiadvantium.com sailife.com

Explore

All scorecards Most exposed companies Companies “S”
Check your own exposure →

Free dark web & attack-surface check by ShadowMap

Figures are aggregate counts derived from dark web stealer logs and public breach data. Data is indicative and updated periodically.