When Marketing Vendors Get Attacked, Clients Suffer: Third-Party Risk Discovery in the DNS
Security incidents that start out in a third party can be detrimental to a connected organization. FortifyData recently listed some of the year’s top third-party data breaches,1 highlighting the threat’s commonality and scale.
WhoisXML API zoomed in on one of the incidents on the list—the AT&T data breach, where 9 million accounts2 were exposed after their marketing vendor suffered an incident. Some of our key findings are:
- 8,400+ domains containing the names of popular marketing vendors, very few of which could be publicly attributed to the companies
- Less than half had IP resolutions, with several hosting suspicious content unrelated to the imitated companies
- Dozens of domains flagged as malicious, hinting at a pattern that uses the string us followed by a number
- 570+ domains following the malicious pattern added from 1 January to 5 May 2023
- 4% of the us-containing domains were malicious
Download a sample of the threat research materials now or contact us to access the complete set of research materials.
-  https://fortifydata.com/blog/top-third-party-data-breaches-in-2023/
- 2] https://www.securityweek.com/millions-of-att-customers-notified-of-data-breach-at-third-party-vendor/