Sponsored by Hudson Rock – Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks
Credential exposure data sourced from HudsonRock — covering domains linked to ransomware victims tracked on this platform.
| # | Domain | Employees | Users | 3rd Parties | Total |
|---|---|---|---|---|---|
| 1 | epicgames.com | 236 | 2,771,943 | 79 | 2,772,179 |
| 2 | ubisoft.com | 378 | 2,080,174 | 375 | 2,080,552 |
| 3 | sony.com | 273 | 1,899,260 | 643 | 1,899,533 |
| 4 | udemy.com | 40 | 1,157,708 | 17 | 1,157,748 |
| 5 | hbomax.com | 259 | 1,005,189 | 100 | 1,005,448 |
| 6 | reddit.com | 147 | 857,694 | 29 | 857,841 |
| 7 | wordpress.com | 382 | 780,450 | 166 | 780,832 |
| 8 | hp.com | 2,799 | 567,357 | 1,522 | 570,156 |
| 9 | nike.com | 268 | 508,440 | 558 | 508,708 |
| 10 | correios.com.br | 420 | 429,864 | 377 | 430,284 |
| # | Group | Victims with stealer data | % of group victims | |
|---|---|---|---|---|
| 1 | ralord | 12 / 12 | 100.0% | |
| 2 | lapsus$ | 14 / 15 | 93.3% | |
| 3 | siegedsec | 10 / 11 | 90.9% | |
| 4 | dunghill | 13 / 15 | 86.7% | |
| 5 | shinyhunters | 59 / 69 | 85.5% | |
| 6 | hellcat | 16 / 20 | 80.0% | |
| 7 | dragonransomware | 31 / 39 | 79.5% | |
| 8 | ransomexx | 23 / 31 | 74.2% | |
| 9 | snatch | 44 / 62 | 71.0% | |
| 10 | apt73 | 92 / 135 | 68.1% | |
| 11 | coinbasecartel | 103 / 154 | 66.9% | |
| 12 | funksec | 101 / 154 | 65.6% | |
| 13 | babuk2 | 88 / 135 | 65.2% | |
| 14 | moneymessage | 16 / 25 | 64.0% | |
| 15 | darkvault | 34 / 54 | 63.0% | |
| 16 | ransomed | 30 / 48 | 62.5% | |
| 17 | fulcrumsec | 14 / 23 | 60.9% | |
| 18 | nova | 56 / 93 | 60.2% | |
| 19 | stormous | 75 / 131 | 57.3% | |
| 20 | lockbit2 | 13 / 23 | 56.5% |