
Travel Alberta

Group: medusa

Discovered by ransomware.live: 2024-09-30

Estimated attack date: 2024-09-30

Country: CA

Description:

Travel Alberta (founded in 2009) is a tourism marketing organization for the province of Alberta. Travel Alberta's corporate office is located at 400-1601 9 Ave SE, Calgary, Alberta, T2G 0H4, Canada, and it has 110 employees. The total amount of data leakage is 799.80 GB.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 3

Third Party Employee Credentials: 0


External Attack Surface: 3



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@godaddy.com
MX Records
  • travelalberta-com.mail.protection.outlook.com.
Cloud / SaaS Services Detected
  • Microsoft 365
  • Marketo
  • Miro
  • SendGrid
  • OneTrust
