Back

erieinsurance.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event impacting erieinsurance.com, with over 52,000 total events recorded between July 2025 and June 2026. A substantial portion of these events, nearly 94%, are classified as historical data breaches, while the remaining 6% are active infostealer logs. The data suggests a high volume of employee and client compromise, with peaks in September 2025 and January 2026. The primary malware families observed are Redline and Rhadamanthys, both known for credential theft. The exposure appears to originate from combolist sources and database dumps, with a notable presence in the United States, Netherlands, and Germany.

Total Events

52,239
credential exposure events

Employee Affected Events

40,969
account email domain = erieinsurance.com

Client Affected Events

11,270
service target = erieinsurance.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
10,0006,6673,3330
peak month 9,720
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events3,201
Share6%
Data breaches
Events49,038
Share94%
Infostealer logs (6%)
3,201events
Data breaches (94%)
49,038events

40,969 compromised employee accounts pose an infrastructure risk, while 11,270 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender38
Windows Defender Trend Micro Internet Security5
Windows Defender.3
Windows Defender McAfee.2
Windows Defender AVG Antivirus.1
Kaspersky1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline1,820
Rhadamanthys224
LummaC2198
Acreed161
Vidar74
X-Files63
Millenium30
RisePro9
Remus7

Top Login URLs

Top exposed services found in the event results

  1. 1erieinsurance.com1,639
  2. 2https://www.erieinsurance.com/Account/createaccount/AccountCredentials825
  3. 3https://erieinsurance.com760
  4. 4https://www.erieinsurance.com712
  5. 5https://www.erieinsurance.com/Account/Login/Idp528
  6. 6www.erieinsurance.com473
  7. 7erieinsurance.com/Account/createaccount/AccountCredentials360
  8. 8https://www.erieinsurance.com/319
  9. 9https://www.erieinsurance.com/Account/Login/Login311
  10. 10www.erieinsurance.com/Account/createaccount/AccountCredentials307

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events1,131
Netherlands
Events418
Germany
Events364
Denmark
Events167
United Kingdom
Events42
Sweden
Events31
France
Events30

Country Breakdown

  1. 1United States1,131
  2. 2Netherlands418
  3. 3Germany364
  4. 4Denmark167
  5. 5United Kingdom42
  6. 6Sweden31
  7. 7Luxembourg30
  8. 8France30

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

F5153
Citrix54
Microsoft25
Cisco (AnyConnect)24
FortiNet VPN19
Pulse Secure11
Git3

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11225
Windows Server 2012 R2 x32133
Windows 10 Home x32128
Windows 8 x32125
Windows Server 2012 x32120

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
40,760
Combolist pools
8,278
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.