Novo Nordisk
novonordisk.com
Description:
[AI generated] Novo Nordisk is a Danish multinational pharmaceutical company headquartered in Bagsværd, Denmark. Founded in 1923, it specializes in treatments for diabetes, obesity, hemophilia, and other chronic conditions. The company is a global leader in insulin production and develops drugs such as semaglutide. It operates in over 80 countries and is one of Europe's most valuable corporations by market capitalization.
Infostealer activity detected by HudsonRock
Compromised Employees: 44
Compromised Users: 143
Third Party Employee Credentials: 197
External Attack Surface: 62
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabusecscglobal.com
MX Records
- de-smtp-inbound-2.mimecast.com. Mimecast
- de-smtp-inbound-1.mimecast.com. Mimecast
TXT Records
- pendo-domain-verification=NJMmqjL3c-NqtBdo2H0myBFY2Gs
- ms-domain-verification=7858a5ff-95a7-452e-ac3f-639e4a9ed44
- docusign=c18b454d-86d2-4a95-bc96-4db097df589a
- 7snyzsclcv56sqnxfxpy926spc66wh1p
- apple-domain-verification=L2i1npqj86hrj9ZE
- cisco-ci-domain-verification=6eae3d1b73916fa3af79dfe13f3e15f91995ee71bd0b0ea8f93e46ae5fb392c8
- 95oqq7iba777fnsoolliej5nl9
- adobe-sign-verification=ff8746891979fe9034aa475e16ba2261
- confluent-verification=6a454465-7ae0-48a8-90df-2719216e6660
- amazonses:KK5VFO2WzHBCQSWveSClPWH1897F7VUdWtyb4QWpFwk=
- _x5negtto10rdgx2rewx0fh3rsxdjwmc
- citrix-verification-code=5d690936-0842-44c4-8e0c-ad16c003652b
- khjrym30lz5p5n9bk0nrmzp6hd6bvc4q
- pwcm6fjy5c5wstvm4fsdm0fhd5ql6brh
- google-site-verification=k24dSEJXlFUt37dYu_bxpWwM_i47ZOIxGvyn9XAX80s
- hk2gtzr545s17d78xrxd22ccfrr0glvk
- flexera-domain-verification-kmdswudckqpsiynj
- docusign=226f570a-3188-4bd6-a1dd-7eba65afb40c
- cisco-ci-domain-verification=bcbbf2a4eff7627778e8d522d371758a369ee52b7bb9706f33fdad2273c85a
- openai-domain-verification=dv-kBiU7fkS3tHJdVWHopzBG66b
- hcp-domain-verification=f27a26b52ce6f46de7d463d0973d2bc9742859d1bffa57c122e073fe1e72a06b
- onetrust-domain-verification=c8aff46266404feaaddaf1bcbf543e0b
- infoblox-domain-mastery=82d7b7cdaf2810666d5d09382501dd4d47532684c445c8f06a83db59b4324dd7f6
- atlassian-domain-verification=inmTr3ORb1Q5QSnGOlPsK1v7GgCzGLjy10X4rbiLjdkZdp1bqfirMZgfaRaU5XtQ
- intersight=67781c9375d85f5b12c7e65a926183016e7f604dc7aa8debaa4d974f1da50135
- adobe-idp-site-verification=75939edd99e542a1dc135a5bfe8c30885a0bbaf779f139d9a305d7389a9d8c75
- MS=ms14575230
- atlassian-domain-verification=nQC94ILDVjkRcdVva/yYM+gpUasYIOEX8Km1CltoBTMc257uuz1/+1LCBXVB9M8x
- t2flry2mk21mnxl97jttmk9nq97j114m
- g7r2ov5tgece854hr6r2lktl8p
- onetrust-domain-verification=01af2d2b32a64f7688d0ae4f503c638c
- Dynatrace-site-verification=fb91faf2-9f77-45e2-a584-3f0233df9793__mh54cjlipt1v2srmhukpskr1ej
- 95r9sf82yv0f28y20hr47hz5fvsn05jz
- 800a24le6vko5g63naf3uu43o
- MS=ms41001382
- intersight=d38004bacc97ce0232556739fde0e33848134e2c7867a51c24435d2ebe6bab6f
- yxdwk9rkz5hngpl6tlcmy53vg07byg6r
- _d1vl29mjbw2nhm19zfue2isrb8jzdd8
- logmein-verification-code=f5064a1e-db47-4abc-9b67-ae52540ac7dc
- 8rg8p4mt961jtgjg839w85mgvwxzyfkn
- y44l5flqyqcv4c2kyp23fb9704n25vbx
- 51x6z8bg6nl8bpbmjbd7hj9vzhx25fks
- miro-verification=51ef10e33bebcad84608423eb9772aea97781d8e
- mindmanager-verification=d6443a6487793750349861a4ad23225b49063dee50d41fca2432bf8cfa31e157
- jamf-site-verification=qNRq8gCiPmtPO0jo8V2Jlw
- b68vklxnfm2wqd1wk96w5k2r9hsrccg3
- tdvtn50yhjyqdblg5mnq7v6p192s0y6g
- nnextweb-redirect-svc.azurewebsites.net
- docusign=b9b9b53e-a28d-47bf-a2a1-a0f53ce1353d
- 7pmpvl28g16kfq98ln3u36lpg3
- 6m3dj8y7cfh40494hf4x45t0wynzgcpy
- v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email include:de._netblocks.mimecast.com ~all
- dtm-domain-verification=hRgZ5jXszlH_iQxO9almoEJdRJ9U2HbwFWOOtzwOfh4
- msfpkey=11qy0dc99pqpn0l2bstmlpf7q
- YpvPADRELBJJfpjxZdCTsiduUmWDymIBbQfj0lKlaiNg2k0a2Bfl1wuggGhal3CS7MCiok/1HIodeWahEKH1PQ==
- hysg138kglw0wh807n9kp04yw7pq1md3
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
OpenIA
Miro
LogMeIn
Flexera
JamF
Cisco
OneTrust
Mimecast
DocuSign
Leak Screenshot:
Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.