Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo northernsafety.com_wa

Group: blackbasta

Discovered by ransomware.live: 2024-07-15

Estimated attack date: 2024-06-07

Country: US

Description:

Northern Safety Co., Inc. operates as a personal safety equipment distributor company. The Company offers disposable respirators, earplugs, first aid kits, gloves, hard hats, safety glasses, safety supplies, traffic work boots, and fall harnesses. Northern Safety serves customers in the United States.SITE: www.northernsafety.com Address : 761 S. Danny Thomas Blvd. Memphis, TN 38126 USAALL DATA SIZE: ≈750gb 1. Corporate data 2. Finance data 3. HR 4. Users, Employees personal, confidential data & etc…

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 150

Third Party Employee Credentials: 8

External Attack Surface: 21


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse-complaints squarespace.com
MX Records
  • smtp1-na.witglobal.net.
TXT Records
  • MS=ms40673597
  • v=spf1 mx ip4:209.217.217.192/26 ip4:65.240.141.80 ip4:216.26.170.133 ip4:65.216.166.159 ip4:74.112.66.82 ip4:74.112.65.32 ip4:104.238.227.0/24 ip4:62.225.131.188 ip4:185.101.4.13 ip4:185.101.4.11" " ip4:209.236.96.122 include:spf.protection.outlook.com include:us._netblocks.mimecast.com include:limajo.witglobal.net include:330211.spf03.hubspotemail.net -all
  • _b755g018pbl51dxtku2g1t5g53dx8oz
  • cjc9bk12znsz8vrf6tgbl47sc1y796kf
  • 6E98A9F993FF41728B0DC546FB5BBDDA7D01A961DDC4986D15D79CF0182BF547
  • yahoo-verification-key=UnV9iF6YklKlFCpwgiy9OI8x0xLOCqASal7dnm/qQJ4=
  • 7FLqvV/BlhCq7s0c8etrT3oKA29sEpYSPNwVMsFovf3vbAn+krobtYc3ISSyXkKBc7BGAVsSNp2DddctOr/JpA==
Cloud / SaaS Services Detected
HubSpot Microsoft 365 Mimecast

Leak Screenshot:

Leak Screenshot