For the price of a steak dinner, one in five workers would gladly give up their passwords to anyone that kindly asks for it.

A survey has shown that 20% of employees would sell their passwords, with 44% of them willing to do it for less than $1,000. Some would give up their corporate credentials for less than $100, according to the SailPoint Market Pulse Survey, and workers in the U.S. looked most willing to put their passwords up for sale.

In its survey of 1,000 respondents across six countries, SailPoint—a company that manages user access in organizations—revealed a range of “poor password hygiene” habits that still plague companies (and might surprise bosses). For instance, the study found that 65% use a single password among all applications, and in the spirit of generosity, one in three workers share credentials with their colleagues.

This seems to clash with another finding: 32% of respondents said they had been personally affected by a recent data breach. It’s this dichotomy that the SailPoint survey hopes to highlight. “The commonality across almost every breach is hackers are now targeting the weakest link in the security infrastructure: people,” the study said.

Last year, there were a reported 781 data breaches, according to a report by the Identity Theft Resource Center, with around 708 million records compromised, according to another study. According to ITRC, employee error or negligence made up 14.9% of all incidences, the second largest reason for a breach, and more than double the number in 2012.