Buy Me a Coffee

This space is available for sponsoring Ransomware.live Contact us to sponsor this space

Logo haes.ca

Group: Blackbasta

Discovered by ransomware.live: 2024-01-23

Estimated attack date: 2023-12-13

Country: CA

Description:

High Arctic is an energy services provider. High Arctic is a market leader in Papua New Guinea providing drilling and specialized well completion services and supplies rental equipment including rig matting, camps, material handling and drilling support equipment. In western Canada High Arctic provides pressure control equipment on a rental basis to a number of exploration and production companies.SITE: www.haes.ca Address : 330 5th Ave SW Ste 2350, Calgary, Alberta, T2P 0L4, CanadaALL DATA SIZE: 345gb 1. Human Resources 2. Finance 3. Executive and Governance 4. Administration 5. Projects and etc…

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 1

External Attack Surface: 0


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@godaddy.com
  • Please ask the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Other contacts of the queried domain name
MX Records
  • haes-ca.mail.protection.outlook.com.
TXT Records
  • ca3-2c6f0c599d5c4c21b490149d6014ce98
  • knowbe4-site-verification=df548f5bf2307826f8e838d058ab70e3
  • MS=ms85499135
  • ca3-716fac876d4041eab1acedc9c4665d0f
  • v=spf1 include:spf.protection.outlook.com ip4:207.148.171.248/29 ip4:51.143.4.17/32 ip4:68.179.88.100 ip4:72.29.249.220 ip4:72.29.227.205 ip4:64.94.12.219 ip4:96.45.10.9 ip4:20.69.100.94 ip4:20.112.79.50 ip4:210.79.31.59 -all
  • apple-domain-verification=34QqzvbwQfHb4DgF
Cloud / SaaS Services Detected
Apple Microsoft 365 KnowBe4

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.