An orphaned account in cybersecurity refers to a user or system account that remains active within an organization's network or application but no longer has an associated or authorized owner. These accounts typically arise after employees leave the company, change roles, or during system migrations when account management processes are not thoroughly followed. Orphaned accounts pose significant security risks, as they can be exploited by malicious actors to gain unauthorized access to sensitive systems and data. Regular auditing and prompt deactivation of unused accounts are essential best practices to minimize the threat posed by orphaned accounts.