Data Vigilante Leaks 772K Employee Records from Top Firms and 12.3M-Row Database

****SUMMARY****

• MOVEit Flaw and Data Leak: Data stolen during the MOVEit hack spree is still creating issues for companies.

• Nam3L3ss and the Leaks: A self-proclaimed “data vigilante” named Nam3L3ss has leaked over 760,000 employee records from 27 major companies, including Bank of America, and Nokia + Jll.com’s database containing 12 million rows taking the total number to 13.12 million.

• Leaked Data Content: Leaked data includes sensitive and non-sensitive information such as names, emails, phone numbers, addresses, and company location coordinates.

• Cl0p Ransomware Link: Originally, the data was stolen by the Cl0p ransomware gang after exploiting the MOVEit flaw, while Nam3L3ss is cleaning and leaking the data.

A self-proclaimed “Data Vigilante” named Nam3L3ss has once again caused widespread concern by leaking millions of employee records online, highlighting the fallout from the major security vulnerability in file transfer software called MOVEit.

As seen by Hackread.com, Nam3L3ss has released the information of over 760,000 employees of major organizations on a popular hacking forum ‘BreachForums’ on Monday morning. The leak additionally includes the Jones Lang LaSalle Incorporated (JLL.com) database, containing over 12 million data rows, bringing the total number of leaked records to 13.12 million.

Nam3L3ss on Breach Forums leaking the Bank of America employee data (Source: Hackread.com)

****The MOVEit Mess****

The MOVEit vulnerability was identified in Progress Software’s file transfer tool in 2023 allowing threat actors unauthorized access to sensitive data. Hackers affiliated with the Cl0p ransomware gang exploited this vulnerability and stole information from thousands of companies, impacting an estimated 2,800 organizations and nearly 100 million individuals. They even created clear web websites to leak the stolen data in July 2024.

****Nam3L3ss Leaks Millions****

In November 2024, as reported by Hackread.com, Nam3L3ss emerged on the scene, leaking what they claim is data obtained from the MOVEit breach. These leaks targeted industry giants like Amazon, 3M, HP, and Delta, raising serious concerns about the security practices employed by these corporations. At that time, Nam3L3ss leaked over 7.9 million records from 27 companies.

Hackread.com analyzed the leaked data and found it contained a mix of sensitive and non-sensitive information, including names, email addresses, phone numbers, office and residential addresses, and even company location coordinates. This information could be used by malicious actors for social engineering attacks, identity theft, or targeted phishing scams.

Just weeks after the initial leaks from Nam3L3ss, another batch of employee data surfaced online on Monday. This new data dump contained records from companies like Bank of America, Koch Industries, Nokia, and Morgan Stanley, and appears to be linked to the same MOVEit vulnerability.

Here’s the full list of companies involved in this leak:

• audible.com – 3,790

• b-f.com – 1,302

• xerox.com – 42,735

• univision.net – 5,954

• saic.com – 26,917

• nokia.com – 94,252

• meijer.com – 7,422

• cna.com – 6,680

• cm3.com.au – 6,153

• ciena.com – 10,820

• bwater.com – 2,161

• kochinc.com – 237,486

• medibank.com.au – 5,201

• morganstanley.com – 32,860

• bankofamerica.com – 288,296

• joneslanglasalle.com aka jll.com – 12,352,524

• Total: 13,124,553

While Nam3L3ss claims to be a vigilante bringing attention to security flaws, their motives remain unclear. Regardless of their intentions, these leaks expose the significant impact of the MOVEit vulnerability and the risks posed by stolen employee data.

If you’re an employee of one of the affected companies, stay alert for phishing attempts. These could come through email, text messages (smishing), or even phone calls (vishing), as scammers might use this leaked data to target you.

1. Hacker Leaks Thousands of Microsoft and Nokia Employee Details
2. Hackers Calling Employees to Steal VPN Credentials from US Firms
3. Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
4. Hacker Leaks Data of 33K Accenture Employees in 3rd-Party Breach
5. Indian Ex-Employee Jailed for Wiping 180 Virtual Servers in Singapore