Sponsored by Hudson Rock – Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks
Credential exposure data sourced from HudsonRock Cavalier — covering domains linked to ransomware victims tracked on this platform.
| # | Domain | Employees | Users | 3rd Parties | Total |
|---|---|---|---|---|---|
| 1 | epicgames.com | 236 | 2,771,943 | 79 | 2,772,179 |
| 2 | sony.com | 273 | 1,899,260 | 643 | 1,899,533 |
| 3 | ubisoft.com | 230 | 1,263,015 | 221 | 1,263,245 |
| 4 | udemy.com | 40 | 1,157,708 | 17 | 1,157,748 |
| 5 | hbomax.com | 259 | 1,005,189 | 100 | 1,005,448 |
| 6 | reddit.com | 147 | 857,694 | 29 | 857,841 |
| 7 | wordpress.com | 381 | 779,575 | 166 | 779,956 |
| 8 | hp.com | 2,799 | 567,357 | 1,522 | 570,156 |
| 9 | nike.com | 220 | 481,183 | 444 | 481,403 |
| 10 | correios.com.br | 420 | 429,864 | 377 | 430,284 |
| # | Group | Victims with stealer data | % of group victims | |
|---|---|---|---|---|
| 1 | ralord | 12 / 12 | 100.0% | |
| 2 | siegedsec | 10 / 11 | 90.9% | |
| 3 | dunghill | 13 / 15 | 86.7% | |
| 4 | lapsus$ | 12 / 14 | 85.7% | |
| 5 | shinyhunters | 54 / 64 | 84.4% | |
| 6 | hellcat | 16 / 20 | 80.0% | |
| 7 | dragonransomware | 31 / 39 | 79.5% | |
| 8 | ransomexx | 23 / 31 | 74.2% | |
| 9 | snatch | 44 / 62 | 71.0% | |
| 10 | apt73 | 92 / 136 | 67.6% | |
| 11 | coinbasecartel | 99 / 149 | 66.4% | |
| 12 | funksec | 101 / 154 | 65.6% | |
| 13 | babuk2 | 88 / 135 | 65.2% | |
| 14 | moneymessage | 16 / 25 | 64.0% | |
| 15 | darkvault | 34 / 54 | 63.0% | |
| 16 | ransomed | 30 / 48 | 62.5% | |
| 17 | fulcrumsec | 13 / 21 | 61.9% | |
| 18 | nova | 55 / 92 | 59.8% | |
| 19 | stormous | 70 / 124 | 56.5% | |
| 20 | dispossessor | 171 / 309 | 55.3% |