Standing Intelligence Requirements

For the most up to date list of ZeroFox Threat Research’s Intelligence Requirements, please visit:

https://cloud.zerofox.com/intelligence/advisories/14956

Details

MemberReportAccess.com, a U.S.-based search site for vehicle history, driving records, public records, arrest records etc., in which 895,789 email addresses which were subsequently shared on a deep web platform. Of these, 890,560 records were successfully linked to plain-text passwords. The threat actor did not disclose the ultimate source of the data breach or how it was exploited.

Recommendations

• If not already enabled, turn on the compromised credentials rule for all relevant entities and ensure relevant emails are entered for those entities, or reach out to [email protected] for assistance
• If one of your entities receives an alert, ZeroFox recommends immediate password changes for the affected account
• Enable multi-factor authentication for all of your organizational accounts to help mitigate phishing and credential stuffing attacks