The Containment Era is here. →Explore

aviatrix logoAviatrix
Under Active Attack
Industry Category

Information Services

Breach intelligence, attack campaigns, and threat reports targeting the Information Services sector.

4 threat reports
Page 1 of 1

Explore Other Sectors

Accounting
Aerospace/Aviation
Agriculture
Airlines/Aviation
Animation
Apparel/Fashion
Architecture/Planning
Artificial Intelligence
Artificial Intelligence/Machine Learning
Arts/Crafts
Automotive
Aviation/Aerospace
Banking/Mortgage
Biotechnology/Greentech
Blockchain/Cryptocurrency
Broadcast Media
Broadcasting Media
Broadcasting/Media
Building Materials
Business Supplies/Equipment
Capital Markets/Hedge Fund/Private Equity
Chemical
Chemicals
Civic/Social Organization
Civil Engineering
Cloud Computing
Cloud Computing/SaaS
Cloud Services
Commercial Facilities
Commercial Real Estate
Computer Games
Computer Hardware
Computer Networking
Computer Software/Engineering
Computer/Network Security
Construction
Consulting
Consumer Electronics
Consumer Goods
Consumer Services
Cosmetics
Cosmetics
Critical Manufacturing
Cryptocurrencies
Customer Services
Cybersecurity
Dairy
Dating/Personal Services
Defense/Space
Design
E-Learning
Education Management
Electrical/Electronic Manufacturing
Emergency Services
Energy
Energy/Oil/Solar/Greentech
Entertainment/Movie Production
Environmental Services
Events Services
Facilities Services
Farming
Fashion/Apparel
Financial Services
Fine Art
Fishery
Food Production
Food/Beverages
Fortune 500 companies
Franchising
Fundraising
Gambling/Casinos
Gaming
Gaming/Casinos
Government Administration
Government Facilities
Government Relations
Graphic Design/Web Design
Health Care / Life Sciences
Higher Education/Acadamia
Hospitality
Human Resources/HR
Import/Export
Individual/Family Services
Industrial Automation
Information Services
Information Technology/IT
Insurance
International Affairs
International Trade/Development
Internet
Investment Banking/Venture
Investment Management/Hedge Fund/Private Equity
Judiciary
Law Enforcement
Law Practice/Law Firms
Legal Services
Legislative Office
Leisure/Travel
Logistics/Procurement
Luxury Goods/Jewelry
Machinery
Management Consulting
Manufacturing
Maritime
Marketing/Advertising/Sales
Mechanical or Industrial Engineering
Media Production
Medical Equipment
Medical Practice
Military Industry
Mining/Metals
Mobile
Museums/Institutions
Music
Newspapers/Journalism
Non-Profit/Volunteering
Oil/Energy/Solar/Greentech
Online Publishing
Outsourcing/Offshoring
Package/Freight Delivery
Parking
Pharmaceuticals
Philanthropy
Photography
Plastics
Political Organization
Primary/Secondary Education
Professional Training
Public Relations/PR
Public Safety
Publishing Industry
Railroad Manufacture
Real Estate/Mortgage
Recreational Facilities/Services
Religious Institutions
Renewables/Environment
Research Industry
Restaurants
Retail Industry
Robotics
Rural Healthcare
Security/Investigations
Semiconductors
Sporting Goods
Sports
Staffing/Recruiting
Supermarkets
Technology
Technology/IT
Telecommunications
Think Tanks
Toys and Games
Transportation
Travel/Tourism
Trucking/Freight
Utilities
Venture Capital/VC
Warehousing
Water and Wastewater
Water and Wastewater Systems
Water and Wastewater Treatment
Water, Waste, Steam, and Air Conditioning Services
Water/Wastewater Management
Water/Wastewater/Utilities
Wholesale
Wireless

Information Services Threat Reports

Showing 14 / 4 reports
Oxford University CareerConnect Data Breach Exposes User Information
Impact· MEDIUM
Higher Education/Acadamia

Oxford University CareerConnect Data Breach Exposes User Information

On May 28, 2026, Oxford University's CareerConnect platform, managed by third-party provider Group GTI, was compromised. Attackers accessed users' first names, last names, email addresses, and encrypted passwords for those not using Single Sign-On (SSO). Students using SSO were less affected, with only their names and email addresses exposed. GTI has since addressed the security vulnerability and implemented additional measures. ([careers.ox.ac.uk](https://www.careers.ox.ac.uk/article/careerconnect-secured-and-safe-to-use-following-data-security-incident?utm_source=openai)) This incident underscores the risks associated with third-party service providers in educational institutions. It highlights the importance of robust security measures and vigilant monitoring to protect sensitive user data from unauthorized access.

2 weeks ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(low)
LM
Lateral Movement(low)
C&C
Command & Control(low)
E
Exfiltration(low)
I
Impact(high)
Read Report
Data Broker Sentenced for Selling Elderly Americans' Personal Information
Impact· HIGH
Financial Services

Data Broker Sentenced for Selling Elderly Americans' Personal Information

Between 2016 and 2023, Troy Murray, a 57-year-old from North Carolina, operated under the alias "Steve Dixon" to sell personal information of over 7 million elderly Americans to Jamaican scammers. These "lead lists" included names, phone numbers, addresses, and email addresses, which were used to perpetrate lottery fraud schemes. Murray charged approximately $500 per list, generating over $5.2 million in illicit profits. He was sentenced in May 2026 to 121 months in prison, three years of supervised release, and ordered to forfeit $5.2 million. ([bleepingcomputer.com](https://www.bleepingcomputer.com/news/security/man-sent-to-prison-for-selling-data-of-7-millions-elderly-americans/amp/?utm_source=openai)) This case underscores the escalating threat of elder fraud, with the FBI reporting a 37% increase in complaints from individuals aged 60 and older in 2025 compared to the previous year. Total losses for this demographic reached nearly $7.8 billion, highlighting the urgent need for enhanced protective measures and regulatory oversight to safeguard vulnerable populations. ([bleepingcomputer.com](https://www.bleepingcomputer.com/news/security/man-sent-to-prison-for-selling-data-of-7-millions-elderly-americans/amp/?utm_source=openai))

3 weeks ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(high)
LM
Lateral Movement(high)
C&C
Command & Control(high)
E
Exfiltration(high)
I
Impact(high)
Read Report
LexisNexis Data Breach: A Wake-Up Call for Third-Party Platform Security
Impact· HIGH
Legal Services

LexisNexis Data Breach: A Wake-Up Call for Third-Party Platform Security

In December 2024, LexisNexis Risk Solutions experienced a data breach when an unauthorized party accessed data stored on GitHub, a third-party platform used for software development. The breach, discovered in April 2025, exposed personal information of over 364,000 individuals, including names, contact details, Social Security numbers, driver's license numbers, and dates of birth. The company has since notified affected individuals and offered two years of complimentary identity protection and credit monitoring services. This incident underscores the critical importance of securing third-party platforms and the potential risks associated with their use. Organizations must ensure robust security measures are in place to protect sensitive data, especially when utilizing external services for development purposes.

3 months ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(medium)
LM
Lateral Movement(low)
C&C
Command & Control(low)
E
Exfiltration(high)
I
Impact(high)
Read Report
Iron Mountain's 2026 Data Breach: A Closer Look
Impact· LOW
Information Services

Iron Mountain's 2026 Data Breach: A Closer Look

In February 2026, Iron Mountain, a global leader in information management services, experienced a security incident involving unauthorized access to a single folder on a public-facing file-sharing site. The Everest ransomware group claimed responsibility, alleging the theft of 1.4 TB of internal documents containing client information. However, Iron Mountain clarified that the breach was limited to marketing materials, accessed through a compromised login credential, with no evidence of ransomware deployment or further system compromise. This incident underscores the persistent threat posed by ransomware groups like Everest, which have increasingly targeted organizations across various sectors. Their tactics often involve exploiting compromised credentials to gain unauthorized access, emphasizing the need for robust access controls and vigilant monitoring to prevent such breaches.

4 months ago

Kill Chain

IC
Initial Compromise(high)
PE
Privilege Escalation(high)
LM
Lateral Movement(high)
C&C
Command & Control(medium)
E
Exfiltration(high)
I
Impact(high)
Read Report
[ INCIDENT RESPONSE // UNDER ATTACK? ]

Stop Active Cloud Data Exfiltration

Aviatrix Breach Lock helps teams instantly identify what data is leaving the environment, from which workload, and where it’s going — during an active breach.

Under Attack

Looking for threats in a different sector?

Browse All Threat Reports