A significant data breach has reportedly affected Zacks Investment Research, a prominent investment research firm based in the United States. Recent findings reveal that account information from nearly 12 million users has been leaked online, following a cyberattack in June. This incident was disclosed in a report by BleepingComputer, which detailed how the compromised data was found on BreachForums late last month.
The breach allowed an unauthorized actor to infiltrate Zacks’ Active Directory as a domain administrator. This access enabled the threat actor to extract sensitive data, including source code from Zacks’ main website and an additional 16 associated sites. The compromised information encompasses a variety of personal details, such as full names, usernames, physical and email addresses, and phone numbers. The perpetrator is reportedly seeking a modest sum of cryptocurrency for this stolen account information.
At present, Zacks Investment Research has not officially confirmed the data breach; however, Have I Been Pwned has identified approximately 12 million unique records in the leaked database. These records include email addresses, usernames, IP addresses, and passwords hashed with unsalted SHA-256. Notably, a majority of the exposed email addresses have previously appeared in other data breaches, suggesting a broader issue of security across various platforms. Moreover, this incident surfaces two years after Zacks disclosed that over 9 million of its customers were affected by two prior data breaches, raising concerns about the company’s data security measures.
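Unsalted SHA-256 gives every account that uses the same password the same stored digest. The following added example (not from the report or from Zacks; the function names, record layout and PBKDF2 work factor are assumptions) shows a rehash-on-login migration from that scheme to salted PBKDF2, with an audit that lists accounts sharing a digest.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to your own hardware

def legacy_hash(password):
    """Unsalted SHA-256: the same password always gives the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()

def strong_hash(password):
    """PBKDF2-HMAC-SHA256 with a random per-user salt, self-describing format."""
    salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return "pbkdf2${}${}${}".format(PBKDF2_ITERATIONS, salt.hex(), dk.hex())

def verify_and_upgrade(record, password):
    """Check a login; replace a legacy digest with a salted one on success."""
    stored = record["pw"]
    if stored.startswith("pbkdf2$"):
        _, iters, salt_hex, dk_hex = stored.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(dk.hex(), dk_hex)
    if hmac.compare_digest(legacy_hash(password), stored):
        record["pw"] = strong_hash(password)  # plaintext is only available now
        return True
    return False

def shared_hash_groups(users):
    """Audit: usernames whose stored hashes are byte-identical."""
    groups = defaultdict(list)
    for u in users:
        groups[u["pw"]].append(u["name"])
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def sample_users():
    """Constructed records; names and passwords are made up."""
    return [
        {"name": "alice", "pw": legacy_hash("Winter2023!")},
        {"name": "bob", "pw": legacy_hash("Winter2023!")},
        {"name": "carol", "pw": legacy_hash("correct horse battery")},
    ]

if __name__ == "__main__":
    users = sample_users()
    print("before:", shared_hash_groups(users))
    verify_and_upgrade(users[0], "Winter2023!")
    verify_and_upgrade(users[1], "Winter2023!")
    print("after:", shared_hash_groups(users))
```

Accounts that never log in again keep their legacy digest, so a migration like this is normally paired with a forced password reset for the remainder.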
From a cybersecurity perspective, several tactics and techniques from the MITRE ATT&CK framework may have been used during the attack. Initial access could have been gained through phishing or by exploiting a vulnerability within Zacks’ systems, followed by privilege escalation to gain domain administrative access. To persist, the intruder might have installed backdoors or leveraged existing user accounts to maintain access. Such techniques emphasize the necessity for businesses to adopt comprehensive cybersecurity strategies that encompass detection, prevention, and response measures to safeguard sensitive data.
As the landscape of cyber threats continues to evolve, the Zacks breach serves as a stark reminder of the vulnerabilities that organizations face. Business owners must remain vigilant, continuously assess their cybersecurity frameworks, and implement robust protective measures. Awareness and preparedness can significantly mitigate the risks associated with data breaches, thereby protecting both corporate assets and customer trust.