A large-scale data exposure involving the cybersecurity threat intelligence platform SOCRadar has allowed threat actors to scrape hundreds of millions of email addresses.
Reports revealed that the July 29 incident on the platform was the work of the notorious cybercriminal group dubbed USDoD. The attackers allegedly scraped over 332 million email addresses from the platform's website using a legitimate account.
Moreover, the reports revealed that the attackers acquired access by obtaining a license under the name of a legitimate firm. The account enabled them to search for domain names and collect email addresses from public Telegram channels; the scraped data was then leaked as a 14 GB CSV file.
SOCRadar insisted that the attack did not reach its internal systems.
SOCRadar stated that the attackers neither breached its internal systems nor exploited any vulnerability during the event. However, the USDoD operators abused the platform's intended functionality: the email addresses were collected exactly as the product is designed to collect them, only in bulk and for a malicious purpose. This raises questions about the risks of authorised data collection, since a statement that no vulnerability was exploited does not mean that no harm was done.
Although the leaked data consists only of email addresses and contains no passwords or other sensitive information, it still poses a significant threat: the owners of those addresses are now exposed to a range of cybercriminal activity. These threats include phishing campaigns, password brute-force attacks, and credential stuffing if the attackers combine the addresses with passwords leaked in earlier breaches.
SOCRadar said it immediately reviewed its platform security policies and is collaborating with law enforcement to prevent further abuse. The company assured its clients that no sensitive internal information was compromised during the event, and stated that it is committed to working with affected parties to mitigate or prevent the risks associated with the leak.
The SOCRadar incident is the latest event to affect a large number of people without directly exposing highly sensitive data. The disclosure of hundreds of millions of email addresses is nonetheless a serious risk to individuals and companies alike, as it gives threat actors a ready-made target list for targeted attacks.
Anyone potentially affected by the attack on this threat intelligence platform should therefore treat unsolicited communications with suspicion, avoid reusing passwords across services, and enable multi-factor authentication where possible, since an exposed email address is the starting point for phishing and credential-stuffing attempts.