Grupo Santillana
Grupo Santillana
Group: hellcat
Discovered by ransomware.live: 2025-03-25
Estimated attack date: 2025-03-24
Country:
Description:
We hold sensitive files from Santillana, the largest business unit of Spain’s publicly traded Prisa media group. The company must act quickly to prevent the exposure of this data.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 140
Compromised Users: 768
Third Party Employee Credentials: 382
External Attack Surface: 122
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- trustandsafety support.aws.com
- 54e83393-9616-4295-9b9e-0897f9ea22c1 identity-protect.org
MX Records
- santillana-com.mail.protection.outlook.com.
TXT Records
- d365mktkey=54g6jaz8c5p2wxtnuyp7z0meo
- google-site-verification=bd7fnzYvY0-JdQudftOOkvRrrslgA1nyOR7D_cBJ3xI
- d365mktkey=1xk5d40n6y6wxj8o20ebnlvrj
- d365mktkey=653sak10knnmp4lkp0z2948bl
- zoom-domain-verification=5cb4f6e3-b566-4eab-9573-8bceb0224b4f
- adobe-idp-site-verification=b5c313e7f1df3d5e628a3008e2e7d9705ac4c9696babb3e4b7898f5880f17632
- infoblox-domain-mastery=77245b4f07723b8c9bc29e48a6cbaee2c1c40a27c74a1158e090a1fb42364a240e
- qndtx6hsy8m4pt33knb3kz76cyp5jm77
- MS=ms96199414
- v=spf1 a:mail-out.grupoprisa.net include:spf.santillana.com include:sendgrid.net include:spf.protection.outlook.com include:amazonses.com include:mail.zendesk.com include:amazonses.com include:_pmta2.antevenio.com -all
- o5WhKSTbR7xxNbgWBqzDC0tDbh+X0kEe/FfSEtPOxW8=
- qbtb5esnj7d5jscb21b2d24e4l
- 47u19eqtrote20d3evjuladfk0
- google-site-verification=GmeK-NnNjGKRFhryYmsyq6AC22aSrD0emdkgG6r_kqQ
- Sendinblue-code:3b6eea36b2b2c1cf82823aceeffa101a
- atlassian-domain-verification=MWUBFpCD2zYBXKHoDvY/w7wr4hdmTnjGM0U6KQ5aHHROKvICrBzAbtTeXWQ/ABUe
- d365mktkey=V4EO007A471eQ6UjSStxPgQgyexlHvU7HsxxR0gCYhgx
- d365mktkey=4cll2ep039d4i8o3o3c48txo4
- msfpkey=1q470h75mvqsm0wbqn30b7gpj
- d365mktkey=7bog9gv9olo0mplsbp1jfoqmf
- d365mktkey=ofbosp1yxoyb6y37z0an88ip
- d365mktkey=5qlu4tpqm0vkfzcafmp4us4jl
- adobe-idp-site-verification=10091c1a-d9c8-417d-b81b-c7cdd1432933
- k1rff9zyqzxp2y8177jvwv58c7k3tbv9
Cloud / SaaS Services Detected
Adobe
Atlassian
Amazon SES/WorkMail
Microsoft 365
Zendesk
SendGrid