Phillip Townsend Associates
Phillip Townsend Associates
Group: blacksuit
Discovered by ransomware.live: 2024-04-03
Estimated attack date: 2024-04-03
Country:
Description:
Phillip Townsend Associates is the leader in global benchmarking solutions, headquartered in Houston, Texas.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 0
Third Party Employee Credentials: 1
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- us-smtp-inbound-2.mimecast.com.
- us-smtp-inbound-1.mimecast.com.
TXT Records
- google-site-verification=Xsfzd7OT5xowxHIHBC_yiJXkGelJZozgdscn7TMn2Es
- 0ed1fe018a37e7fedbddb944eb863be02756ed9bd2
- 9m50s90eunaoq7ffossj8qhp02
- 4thp4ddjnf29c4taqqpvp66hm0
- ks9zs952c7zm6w7v3ly80sbb24q3mc17
- l00b5v45uab8moo22q90e57tdp
- ifj1thm2rljr2779slk9ooggjs
- cisco-ci-domain-verification=b9325f4d254bf04a209ec3588be03d53779144c7d1143f29012b84fb0c34288
- r85k9fusiq22ukkodj2sgkip4e
- MS=ms18403344
- v=spf1 include:us._netblocks.mimecast.com a:mail.ptai.com ip4:64.129.168.38 a:dnsus1.accellion.com a:dnsus2.accellion.com include:ptai-com.spf.smtp25.com include:spf.protection.outlook.com -all
- pne54eki5fq6td1hjd5a0oj7jg
- o3naefe7pmfcka49rjdgij00s0
Cloud / SaaS Services Detected
Microsoft 365
Cisco
Mimecast
Leak Screenshot:
