World’s largest supplier of PowerPoint content hacked
➤Summary
Powerpoint supplier breached: Learn more details in this article.
On August 25, 2022 it became known that “world’s largest supplier of innovative, creative and highly effective PowerPoint content” has been hacked. Original database has been extracted by threat actor back in April 2021, the incident hasn’t been known about till today.
1.4 Million users have been affected by data leak belonging to SlideTeam service. Among key clients of this service we have found: Visa, MasterCard, Nike, Sony, Citi Bank, HSBC, JPMorgan, Bank of America, Microsoft, American Express, AT&T, Adobe, Samsung, Intel, NASA, Philips, Verizon, Netflix, Louis Vuitton, Oracle, SAP, Mercedes-Benz, IBM, Accenture, Cathay Pacific, Deloitte, Singapore Airlines, Wells Fargo, T-Mobile and HP.
As company describes itself:
SlideTeam is a premier Research, Consulting and Design agency that develops and templatizes industry processes and best practices, frameworks and models across all industry and verticals to help customers present their strategies effectively and convincingly. In addition, SlideTeam compiles data and statistics from thousands of sources over a wide range of topics to help customers make intelligent decisions. We develop and present our research in the form of fully editable PowerPoint templates to make it easy for our customers to create presentations based on their individual requirements.
SlideTeam.net
Data leak details
The breach included personal information of 1.4 million users. Leaked data include email addresses, first and last names, as well as Magento hashed passwords. The hacker added that: “i don’t remember the attack vector but it was a pivot from the staging server i believe”.
Kaduu Team has analysed leaked database and has been able to identify in this data breach:
- 1144 AT&T corporate accounts
- 953 Verizon corporate accounts
- 419 Accenture corporate accounts
- 280 Citi corporate accounts
- 248 HP corporate accounts
- 246 Deloitte corporate accounts
- 156 Samsung corporate accounts
- 151 Bank of America corporate accounts
- 140 Intel corporate accounts
- 135 SAP corporate accounts
- 134 Oracle corporate accounts
- 133 Philips corporate accounts
- 125 Wells Fargo corporate accounts
- 118 HSBC corporate accounts
- 113 Microsoft corporate accounts
- 75 Nike corporate accounts
- 70 JP Morgan corporate accounts
- 65 MasterCard corporate accounts
- 60 Adobe corporate accounts
- 52 T-Mobile corporate accounts
- 40 Visa corporate accounts
- 38 IBM corporate accounts
- 28 NASA corporate accounts
- 24 Sony corporate accounts
- 12 Netflix corporate accounts
- 7 Cathay Pacific corporate accounts
- 6 AmEx corporate accounts
- 6 Louis Vuitton corporate accounts
- 2 Mercedes-Benz corporate accounts
- 2 SingaporeAir corporate accounts
Your data might already be exposed. Most companies find out too late. Let ’s change that. Trusted by 100+ security teams.
🚀Ask for a demo NOW →Q: What is dark web monitoring?
A: Dark web monitoring is the process of tracking your organization’s data on hidden networks to detect leaked or stolen information such as passwords, credentials, or sensitive files shared by cybercriminals.
Q: How does dark web monitoring work?
A: Dark web monitoring works by scanning hidden sites and forums in real time to detect mentions of your data, credentials, or company information before cybercriminals can exploit them.
Q: Why use dark web monitoring?
A: Because it alerts you early when your data appears on the dark web, helping prevent breaches, fraud, and reputational damage before they escalate.
Q: Who needs dark web monitoring services?
A: MSSP and any organization that handles sensitive data, valuable assets, or customer information from small businesses to large enterprises benefits from dark web monitoring.
Q: What does it mean if your information is on the dark web?
A: It means your personal or company data has been exposed or stolen and could be used for fraud, identity theft, or unauthorized access immediate action is needed to protect yourself.