sirva.com
sirva.com
Group: lockbit3
Discovered by ransomware.live: 2023-10-05
Estimated attack date: 2023-10-05
Description:
We have over 1.5TB of documents leaked + 3 full backups of CRM for branches (eu, na and au)Sirva Worldwide, Inc. provides HR and mobility professionals with the resources, guidance, and support they need to achieve the best possible relocation for...
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- sirva-com.mail.protection.outlook.com.
TXT Records
- MS=ms73533034
- t+dI6Er74PIMDEy/jITVWfb5zXbm1OIdmLkyWkzcQQzOTWD0lfAhsTh3+3aHnb+3DkLLmgM8FUXOhtnVSA0bng==
- v=spf1 include:spf.protection.outlook.com include:spf1.sirva.com include:mail.zendesk.com include:5120690.spf10.hubspotemail.net include:_spf.salesforce.com ip4:67.231.152.177 ip4:206.208.247.35 ip4:206.208.247.36 ip4:40.79.69.112 ip4:104.209.174.117 ip4:" "104.45.74.93 ip4:66.147.237.225 ip4:208.84.65.220 -all
- prd-us-sf-sirvacom.azurewebsites.net
- docusign=407fd7bb-ca85-4f38-86ad-8018a79f800e
- google-site-verification=quuAGUnb9bltPYNGSOB9nBERhjXFcseydEyTCFTeVug
- google-site-verification=Be-VfcJ3GU5zUre_o0JuxnpZUfg_I92M611DrG0V52s
- finicity_partner_id:2445583980941
- finicity_partner_id:2445583989360
- finicity_partner_id:2445583992053
- google-site-verification=FlOBZdBtcwZfhAiWuZ6rlFTJsQ7J095Nmbp6YkwsJHc
- contractworksverify=2uiW788n
- google-site-verification=E9n4nkPalpQfT24IZ-41o9B7IE0ScVfYcml3GIYvuPs
Cloud / SaaS Services Detected
HubSpot
Microsoft 365
Salesforce
Zendesk
DocuSign
Leak Screenshot:
