Back

cbssports.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event affecting cbssports.com, with a high risk score of 98. The primary drivers are a large volume of historical data breaches (58,231 events) and active infostealer logs (9,707 events), accounting for 85.7% and 14.3% of the total events respectively. These events are predominantly linked to "Combolist sources" (99.6%) and "Database dumps" (0.4%), suggesting credential stuffing or account takeover attempts. The timeline shows a notable spike in employee-related events in January 2026 (190 events) and client-related events in March 2026 (18,616 events), indicating periods of heightened compromise. Malware families such as Rhadamanthys, Redline, and LummaC2 are frequently observed, all known for their credential-stealing capabilities. The majority of affected systems are running Windows 11 and Windows 10, with "cbssports.com" and its login pages being the most targeted services. Given the high risk score and the nature of the events, this exposure poses a critical threat to both employee and client data integrity and confidentiality. The prevalence of infostealer logs and data breaches linked to credential compromise necessitates immediate attention to secure user accounts and prevent further unauthorized access. Remediation efforts should focus on strengthening authentication mechanisms, such as implementing multi-factor authentication, reviewing and revoking compromised credentials, and enhancing monitoring for suspicious login activity across all targeted services, particularly the login portals of cbssports.com. The observed malware families also warrant targeted detection and removal strategies.

Total Events

67,938
credential exposure events

Employee Affected Events

284
account email domain = cbssports.com

Client Affected Events

67,654
service target = cbssports.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
20,00013,3336,6670
peak month 18,616
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events9,707
Share14%
Data breaches
Events58,231
Share86%
Infostealer logs (14%)
9,707events
Data breaches (86%)
58,231events

284 compromised employee accounts pose an infrastructure risk, while 67,654 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender176
McAfee26
Malwarebytes24
Avast9
Windows Defender McAfee VirusScan8
Windows Defender [ON]4
Windows Defender.1
Windows Defender AVG Antivirus.1
Windows Defender Kaspersky Total Security1

Malware Families Distribution

Distribution of Active Stealer Strains

Rhadamanthys1,371
Redline1,294
LummaC21,282
Acreed883
Vidar447
X-Files405
Millenium136
RisePro55
StealC47

Top Login URLs

Top exposed services found in the event results

  1. 1cbssports.com6,197
  2. 2https://www.cbssports.com/login5,283
  3. 3https://cbssports.com4,735
  4. 4cbssports.com/login3,830
  5. 5https://www.cbssports.com3,456
  6. 6https://www.cbssports.com/registration2,847
  7. 7www.cbssports.com/login2,623
  8. 8www.cbssports.com2,473
  9. 9cbssports.com/registration1,846
  10. 10https://www.cbssports.com/1,507

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events4,204
Canada
Events285
Kenya
Events128
Philippines
Events124
Indonesia
Events88
Venezuela
Events86
Mexico
Events64
India
Events51

Country Breakdown

  1. 1United States4,204
  2. 2Canada285
  3. 3Kenya128
  4. 4Philippines124
  5. 5Indonesia88
  6. 6Venezuela86
  7. 7Mexico64
  8. 8India51

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Cisco (AnyConnect)7

Operating System Distribution

Distribution of compromised endpoint builds

Windows 111,381
Windows 11 24H2 build 26100 (64 Bit)884
Windows 10 Home x64659
Windows 10 Enterprise x64390
Windows 10 22H2 build 19045 (64 Bit)349

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
58,015
Combolist pools
216
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.