Paul Davis Restoration
Paul Davis Restoration
Group: medusa
Discovered by ransomware.live: 2024-03-04
Estimated attack date: 2024-03-04
Country:
Description:
Paul Davis Restoration - founded in 1966, the company currently operates throughout North America (including franchises) and specializes in disaster recovery, restoration and reconstruction.. Paul Davis Restoration corporate office is located in 21 Harvey St, Kingston, Ontario, K7K 5C1, Canada and has 467 employees.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 3
Compromised Users: 4
Third Party Employee Credentials: 5
External Attack Surface: 6
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- pauldavis-com.mail.protection.outlook.com.
TXT Records
- QyqHuE4A9MszpTUbjlmLb1yrmbgcWci2sDTnjMZ4TiyQFwuqnjgVszxIz5YnuQmMTK86/7amCUUL74v8LqRauQ==
- v=spf1 include:spf.protection.outlook.com ip4:192.31.208.49/30 include:docebosaas.com include:spf.mandrillapp.com include:_spf.intacct.com include:u34211923.wl174.sendgrid.net include:spf.mailjet.com include:_spf.qualtrics.com include:_spf.salesforce.com " "-all
- 7c7996a319714a60b3e7c3fcf42acfa8
- k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlSJDZI2UgoJiFbFd4g9OS1H0cCxkrjQBlWl1cAn/W6GSsJkm/bppYe24fqotxmUuw/5aIBqLVVvOLxffs7NRb5GFhOmY89iuDrOK9+tLVSIyE7Kws8J6G5sbAjNzesLWCKyGunizVmIcIu+3xQHNwb6ADC+FjclY5Nvk7cHOuRwIDAQAB
- mandrill_verify._YY-1_lnFCerBYKRkLg3Pw
- apple-domain-verification=fXUYS8aDKGS2ORXx
- intacct-esk=C2114379DB959B27E0539A220D0AA19C
- intacct-esk=B69F5AD09252F09EE0539A220D0A1B7C
- openai-domain-verification=dv-1ntddxCDlJ3AOQ1Xeiyb06O8
- MS=ms95145225
- DEA3493213
- uvGR0uKj96yHHQf7mB5JT1M9wKICtz3QUpqUXuOpplXjHa3cAFlX4nQ440CdV2kVAwiNxpsbpdjJOGIxgXHSbg==
Cloud / SaaS Services Detected
Apple
Mailchimp
Microsoft 365
Salesforce
Mandrill
Mailjet
SendGrid
Leak Screenshot:
