Infostealer Victims List

org: "Coca Cola",
info: "64GB of Salesforce data obtained by hackers",
date: "June 05, 2025",
url: "https://www.infostealers.com/article/mandiant-exposes-salesforce-phishing-campaign-as-infostealer-malware-emerges-as-a-parallel-threat/",
domain: "coca-cola.com",
},
{
org: "Islamabad Police",
info: "APT obtained email access used to deliver spear phishing",
date: "May 28, 2025",
url: "https://www.infostealers.com/article/pakistan-telecommunication-company-ptcl-targeted-by-bitter-apt-during-heightened-regional-conflict/",
domain: "islamabadpolice.gov.pk",
},
{
org: "Dutch Police",
info: "Contact details of the agency’s 65,000 officers",
date: "May 28, 2025",
url: "https://www.infostealers.com/article/russian-laundry-bear-hackers-breach-dutch-police-using-infostealers/",
domain: "politie.nl",

},
{
org: “Royal Mail Group”,
info: “144GB data leak of internal data”,
date: “April 2, 2025”,
url: “https://www.infostealers.com/article/royal-mail-group-loses-144gb-to-infostealers-same-samsung-hacker-same-2021-infostealer-log/”,
domain: “royalmail.com”,
},
{
org: “HighWire Press, Inc”,
info: “Internal files stolen”,
date: “April, 2025”,
url: “https://www.infostealers.com/article/hellcat-ransomware-group-strikes-again-four-new-victims-breached-via-jira-credentials-from-infostealer-logs/”,
domain: “highwirepress.com”,
},
{
org: “Asseco Poland S.A.”,
info: “Internal files stolen”,
date: “April, 2025”,
url: “https://www.infostealers.com/article/hellcat-ransomware-group-strikes-again-four-new-victims-breached-via-jira-credentials-from-infostealer-logs/”,
domain: “asseco.com”,
},
{
org: “Racami, LLC”,
info: “Internal files stolen”,
date: “April, 2025”,
url: “https://www.infostealers.com/article/hellcat-ransomware-group-strikes-again-four-new-victims-breached-via-jira-credentials-from-infostealer-logs/”,
domain: “racami.com”,
},
{
org: “LeoVegas Group”,
info: “Internal files stolen”,
date: “April, 2025”,
url: “https://www.infostealers.com/article/hellcat-ransomware-group-strikes-again-four-new-victims-breached-via-jira-credentials-from-infostealer-logs/”,
domain: “leovegasaffiliates.com”,
},
{
org: “Jaguar Land Rover”,
info: “Hacked via infostealer, source codes”,
date: “March 17, 2025”,
url: “https://www.infostealers.com/article/jaguar-land-rover-breached-by-hellcat-ransomware-using-its-infostealer-playbook-then-a-second-hacker-strikes/”,
domain: “jaguarlandrover.com”,
},
{
org: “StreamElements”,
info: “Third-party breach via Infostealers, 100K+ affected users”,
date: “March 2025”,
url: “https://www.infostealers.com/article/streamelements-confirms-third-party-data-breach-from-an-infostealer-infection/”,
domain: “streamelements.com”,
},
{
org: “Samsung (Germany)”,
info: “Infostealer data leak, 270K tickets”,
date: “March, 2025”,
url: “https://www.infostealers.com/article/samsung-tickets-data-leak-infostealers-strike-again-in-massive-free-dump/”,
domain: “samsung.com”,
},
{
org: “Orange Romania”,
info: “Infostealer infection leading to a, 7.19GB Jira leak”,
date: “February 2025”,
url: “https://www.infostealers.com/article/ais-role-in-turning-massive-data-leaks-into-hacker-paydays-a-look-at-the-orange-breach/”,
domain: “orange.ro”,
},
{
org: “Schneider Electric”,
info: “Infostealer, 40GB Jira data stolen”,
date: “January 2025”,
url: “https://www.infostealers.com/article/ais-role-in-turning-massive-data-leaks-into-hacker-paydays-a-look-at-the-orange-breach/”,
domain: “se.com”,
},
{
org: “Telefónica (Spain)”,
info: “Infostealer, ticketing system breach”,
date: “January 2025”,
url: “https://www.infostealers.com/article/telefonica-breach-infostealer-malware-opens-door-for-social-engineering-tactics/”,
domain: “telefonica.com”,
},
{
org: “Hot Topic”,
info: “Infostealer, 350M customer records”,
date: “October 1, 2024”,
url: “https://www.infostealers.com/article/largest-retail-breach-in-history-350-million-hot-topic-customers-personal-and-payment-data-exposed-as-a-result-of-infostealer-infection/”,
domain: “hottopic.com”,
},
{
org: “WideOpenWest (WOW!)”,
info: “Hacked via infostealer, 403K records”,
date: “September 2024”,
url: “https://www.infostealers.com/article/arkana-ransomware-group-hacks-wideopenwest-using-data-from-an-infostealer-infection/”,
domain: “wowway.com”,
},
{
org: “AT&T”,
info: “Snowflake hack, 242M records”,
date: “July 2024”,
url: “https://www.cnbc.com/2024/07/12/snowflake-shares-slip-after-att-says-hackers-accessed-data.html”,
domain: “att.com”,
},
{
org: “Ticketmaster”,
info: “Snowflake hack, 560M records”,
date: “June 2024”,
url: “https://www.securityweek.com/snowflake-hack-impacts-ticketmaster-other-organizations/”,
domain: “ticketmaster.com”,
},
{
org: “Santander Bank”,
info: “Snowflake hack, 30M records”,
date: “June 2024”,
url: “https://www.wired.com/story/snowflake-breach-advanced-auto-parts-lendingtree/”,
domain: “santander.com”,
},
{
org: “Advance Auto Parts”,
info: “Snowflake hack, 380M profiles”,
date: “June 2024”,
url: “https://www.wired.com/story/snowflake-breach-advanced-auto-parts-lendingtree/”,
domain: “advanceautoparts.com”,
},
{
org: “LendingTree”,
info: “Snowflake hack, 190M linked data”,
date: “June 2024”,
url: “https://www.wired.com/story/snowflake-breach-advanced-auto-parts-lendingtree/”,
domain: “lendingtree.com”,
},
{
org: “Pure Storage”,
info: “Snowflake hack, analytics data”,
date: “June 2024”,
url: “https://www.cybersecuritydive.com/news/snowflake-customer-attacks-what-we-know/719056/”,
domain: “purestorage.com”,
},
{
org: “LAUSD”,
info: “Snowflake hack, 24M records”,
date: “June 2024”,
url: “https://socradar.io/overview-of-the-snowflake-breach/”,
domain: “lausd.net”,
},
{
org: “Cylance”,
info: “Snowflake-related, 34M emails”,
date: “June 2024”,
url: “https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/”,
domain: “cylance.com”,
},
{
org: “Neiman Marcus”,
info: “Snowflake hack, 70M transactions”,
date: “June 2024”,
url: “https://socradar.io/overview-of-the-snowflake-breach/”,
domain: “neimanmarcus.com”,
},

{
org: “Argentina Police”,
info: “Infostealer, 12K emails leaked”,
date: “March 2024”,
url: “https://www.infostealers.com/article/how-hackers-really-used-infostealers-for-the-biggest-recent-cyber-breaches/”,
domain: “argentina.gob.ar”,
},
{
org: “AU10TIX”,
info: “Infostealer, ID verification breach”,
date: “February 2024”,
url: “https://www.infostealers.com/article/id-verification-service-for-x-tiktok-breached-due-to-an-infostealer-infection/”,
domain: “au10tix.com”,
},
{
org: “Google”,
info: “Infostealer, law enforcement system hack”,
date: “February 2024”,
url: “https://www.infostealers.com/article/infostealer-infections-lead-to-hacking-of-google-tiktok-and-meta-law-enforcement-systems/”,
domain: “google.com”,
},
{
org: “TikTok”,
info: “Infostealer, law enforcement system hack”,
date: “February 2024”,
url: “https://www.infostealers.com/article/infostealer-infections-lead-to-hacking-of-google-tiktok-and-meta-law-enforcement-systems/”,
domain: “tiktok.com”,
},
{
org: “Meta”,
info: “Infostealer, law enforcement system hack”,
date: “February 2024”,
url: “https://www.infostealers.com/article/infostealer-infections-lead-to-hacking-of-google-tiktok-and-meta-law-enforcement-systems/”,
domain: “meta.com”,
},
{
org: “Binance”,
info: “Infostealer, law enforcement portal access”,
date: “February 2024”,
url: “https://www.infostealers.com/article/hacker-sells-access-to-binances-law-enforcement-portal-cryptocurrency-holders-at-risk/”,
domain: “binance.com”,
},
{
org: “Change Healthcare”,
info: “Infostealer infection leading to a successful $22M ransomware attack”,
date: “February 2024”,
url: “https://www.infostealers.com/article/single-citrix-compromised-credential-results-in-22000000-ransom-to-change-healthcare/”,
domain: “changehealthcare.com”,
},
{
org: “Orange Spain”,
info: “Infostealer infection leading to a RIPE account hijack”,
date: “January 3, 2024”,
url: “https://www.infostealers.com/article/top-5-breaches-caused-by-infostealer-infections/”,
domain: “orange.com”,
},
{
org: “Brazil’s Police Portal”,
info: “Infostealer, database access rented”,
date: “December 2023”,
url: “https://www.infostealers.com/article/hacker-uses-infostealer-data-to-gain-access-to-brazils-police-portal/”,
logo: “https://www.infostealers.com/wp-content/uploads/2025/04/Flag_of_Brazil.svg_.png”,
},
{
org: “Airbus”,
info: “RedLine infostealer infection leading to a 3,200 sensitive suppliers leak”,
date: “September 2023”,
url: “https://www.infostealers.com/article/top-5-breaches-caused-by-infostealer-infections/”,
domain: “airbus.com”,
},
{
org: “CircleCI”,
info: “Infostealer infection leading to database access”,
date: “January 2023”,
url: “https://www.infostealers.com/article/top-5-breaches-caused-by-infostealer-infections/”,
domain: “circleci.com”,
},
{
org: “Uber”,
info: “Infostealer infection leading to internal network access”,
date: “September 2022”,
url: “https://www.infostealers.com/article/top-5-breaches-caused-by-infostealer-infections/”,
domain: “uber.com”,
},
{
org: “MediBank”,
info: “Infostealer infection leading to 9M records stolen”,
date: “August 2022”,
url: “https://www.linkedin.com/posts/alon-gal-utb_new-details-about-medibanks-cyberattack-activity-7208891333762076673-kJNc”,
domain: “medibank.com.au”,
},
{
org: “EA Sports”,
info: “Infostealer, source code stolen”,
date: “July 2021”,
url: “https://www.infostealers.com/article/how-hackers-really-used-infostealers-for-the-biggest-recent-cyber-breaches/”,
domain: “ea.com”,