How successful are attacks that take advantage of password reuse by trying leaked credentials
Study: 2017 Credential Spill Report
Date: January 2017
"Shape typically observes success rates of 0.1% to 2% when stolen credentials from one site are used by cybercriminals to log in to and take over accounts on other sites." Which means trying 1 million leaked credentials could result in gaining access to 1,000 to 20,000 accounts on a completely different site due to password reuse.