Back

cummins.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event impacting cummins.com, with 118,150 historical data breaches and 8,280 active infostealer logs detected between July 2025 and June 2026. The majority of these events are attributed to historical data breaches, comprising 93.5% of the total, while active infostealer logs account for 6.5%. The data suggests a substantial risk to employee and client data, with 89,284 employee-related events and 37,146 client-related events. Malware families such as Redline, LummaC2, and Rhadamanthys are prevalent, targeting login services like mylogin.cummins.com and access.cummins.com, with a notable concentration of activity originating from India and the United States. Given the high volume of historical data breaches and the presence of active infostealer logs, this situation warrants immediate attention. The focus should be on comprehensive data breach remediation, including incident response, forensic analysis, and potential notification procedures. Additionally, efforts to mitigate the impact of infostealer malware are critical, involving endpoint security enhancements, user education on phishing and credential compromise, and monitoring for further unauthorized access attempts targeting authentication services.

Total Events

126,430
credential exposure events

Employee Affected Events

89,284
account email domain = cummins.com

Client Affected Events

37,146
service target = cummins.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
40,00026,66713,3330
peak month 38,310
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events8,280
Share7%
Data breaches
Events118,150
Share94%
Infostealer logs (7%)
8,280events
Data breaches (94%)
118,150events

89,284 compromised employee accounts pose an infrastructure risk, while 37,146 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender.30
Windows Defender30
Windows Defender Reason Cybersecurity18
Windows Defender AVG Antivirus.6
Reason Cybersecurity1
Avira1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline3,051
LummaC21,188
Rhadamanthys1,073
Vidar335
StealC223
RisePro203
Acreed189
Remus97
Aurora56

Top Login URLs

Top exposed services found in the event results

  1. 1https://mylogin.cummins.com/web/Cummins_Login3,425
  2. 2cummins.com2,632
  3. 3mylogin.cummins.com/web/Cummins_Login1,927
  4. 4https://mylogin.cummins.com1,519
  5. 5mylogin.cummins.com1,505
  6. 6https://access.cummins.com/RC_OnlineLogin2/cummins/cola/logindisplay.jsp1,398
  7. 7access.cummins.com985
  8. 8https://access.cummins.com952
  9. 9access.cummins.com/RC_OnlineLogin2/cummins/cola/logindisplay.jsp951
  10. 10https://quickserve.cummins.com848

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

India
Events1,394
United States
Events936
Netherlands
Events427
Germany
Events367
Kuwait
Events335
Mexico
Events297
Egypt
Events168
Denmark
Events156

Country Breakdown

  1. 1India1,394
  2. 2United States936
  3. 3Netherlands427
  4. 4Germany367
  5. 5Kuwait335
  6. 6Mexico297
  7. 7Egypt168
  8. 8Denmark156

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Microsoft1,426
Citrix70
F549
FortiNet VPN25
Git20
GitLab17
Pulse Secure17

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 22H2 build 19045 (64 Bit)1,210
Windows 10 Enterprise x64607
Windows 11328
Windows 10 Pro (10.0.19045) x64276
Windows 10 Pro231

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
72,489
Combolist pools
45,661
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.