UK businesses face cyber risk from old user logins, study says

Over three-quarters of UK businesses do not immediately deactivate staff logins when employees leave, contributing to a 160 per cent increase in compromised logins over the last year, a new study says.

The study, carried out by cybersecurity firm SailPoint, surveyed 333 UK IT decision-makers on identity security and found that 77 per cent of UK businesses fail to deactivate logins when staff leave. SailPoint says that dormant accounts present a “critical window of opportunity” for hackers.

The news comes at a time of high employee turnover in the UK; the study found that 21 per cent of UK employees have left their roles in the past year, amplifying the impact of this failing.

Companies are also facing a proliferation of user access points, driven by third parties including AI agents, contractors, and suppliers. On average, organisations onboard nearly 3,000 users a month. The study also found that many businesses grant employees broader system access than their role requires – a practice known as over-provisioning, which compounds the risk posed by dormant accounts, as unnecessarily elevated permissions remain active even after a staff member departs.

A quarter of surveyed businesses report onboarding up to 250 new employees monthly, but AI agents far outnumber them. Twelve per cent of businesses say they are adding up to 10,000 AI agents and machine identities in the same period.

Despite the large number of agents being added, 28 per cent of UK organisations still rely on manual processes – such as spreadsheets or paperwork – to validate employee accounts after their responsibilities end, significantly higher than European counterparts France and Germany.

The picture is similarly concerning for AI agent management, according to SailPoint: 21 per cent of agents are still managed manually, despite their proliferation.

Mark McClain, chief executive and founder of SailPoint, said: “Organisations are experiencing an ‘access amnesia’ – a pervasive forgetfulness or lack of clarity about who or what has access to their systems, when, and why. This oversight extends not only to departing employees but also to those with existing roles and responsibilities, leaving businesses dangerously exposed as hackers seek entry points into systems. Any window of opportunity carries great risk.”

Despite these risks, 92 per cent of cybersecurity leaders surveyed in February believe that AI is a boon to their industry, according to US software firm Splunk.