Henry Schein Inc - Henry's " LOST SHINE "
Henry Schein Inc - Henry's " LOST SHINE "
Group: alphv
Discovered by ransomware.live: 2023-12-05
Estimated attack date: 2023-12-05
Description:
*
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 53
Compromised Users: 389
Third Party Employee Credentials: 23
External Attack Surface: 94
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- mxb-001d3a01.gslb.pphosted.com.
- mxa-001d3a01.gslb.pphosted.com.
TXT Records
- v=spf1 ip4:35.80.141.6 ip4:64.238.211.94 ip4:209.177.165.161 ip4:69.74.24.142 ip4:69.74.24.143 ip4:69.74.24.144 ip4:69.74.24.88 ip4:60.205.6.70 ip4:39.107.247.185 include:spf-001d3a01.pphosted.com include:spf.protection.outlook.com include:mailgun.org inc" "lude:mktomail.com include:_spf.general.transactional-mail-a.com include:24879667.spf01.hubspotemail.net -all
- facebook-domain-verification=prhn9j5xiomjle2k07wi7moedxeifp
- apple-domain-verification=n2RUtj4liB4ALZFb
- atlassian-domain-verification=B4dwaa019nyMCKa//I6ttaiflBgtBsuCl82NkCuvdV2J4L9NHUWmTqegcTLSs2m0
- webexdomainverification.=457e43db-042a-4d7d-83b2-ecaf5b07e9e5
- facebook-domain-verification=3eh89ze6hwh7nroyv5s9jw58u43fwl
- amazonses:j3DB6nNEdAj0dOBxbJmY7ld+QiXhVOAp9LNZbg9sud0=
- OlPi4ckRZaUissYfv3/NWXpbEeChgXoINf2eLSM8PpQismNU2VSDMxdzLioM8kwnycTDsWqykMQhNNQuk7+E9g==
- google-site-verification=cO15kghxg0w2r7YKMkpXIWxJVIjH3iChtbvN_CX_WlQ
- MS=ms66212310
- docusign=f0b81483-5ece-495d-b110-b88e9200a8ac
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
HubSpot
Microsoft 365
Marketo
Mailgun
DocuSign
Proofpoint
Cisco Webex
Leak Screenshot:
