SpyCloud's 2026 Identity Exposure Report Highlights Surge in Non-Human Identity Theft

SpyCloud’s 2026 Identity Exposure Report revealed a significant rise in non-human identity (NHI) theft, with cybercriminals increasingly targeting machine identities such as API keys, service accounts, and cloud credentials. The report, published on 19th March 2026, analyzed breach data and malware logs, identifying over 1.2 billion exposed NHI credentials in 2025 alone, a 450% increase from the previous year. Threat actors exploited these credentials to bypass traditional security controls, move laterally within networks, and exfiltrate sensitive data. The findings highlight the growing risk of automated attacks leveraging stolen NHIs to compromise enterprise environments. SpyCloud, a cybersecurity firm based in Austin, TX, compiled the research using its proprietary breach and malware data repositories.