Back

jcb.co.jp Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain jcb.co.jp exhibits a high-risk score of 94, primarily driven by a significant volume of historical data breaches (84.6%) and active infostealer logs (15.4%). Over the observed period, there were 30,682 historical data breaches and 5,593 infostealer events. The timeline indicates a notable increase in client-related events, particularly in March 2026, and employee-related events in September 2025 and January 2026. The most prevalent malware families are LummaC2, Rhadamanthys, and Vidar, all associated with credential theft. The data suggests a widespread compromise affecting both clients and employees, with a substantial portion of the exposure originating from combolist sources, indicating potential credential stuffing attacks against services like my.jcb.co.jp. The high risk score and the prevalence of infostealer malware targeting credential harvesting warrant immediate attention. The large number of historical data breaches and active infostealer logs suggest a persistent threat actor or multiple actors actively exploiting vulnerabilities or compromised credentials. Remediation efforts should focus on strengthening authentication mechanisms, such as implementing multi-factor authentication across all services, particularly for employee and client portals like my.jcb.co.jp. A thorough review of security logs for suspicious activity related to the identified malware families and targeted services is also recommended, alongside user education on phishing and credential security best practices.

Total Events

36,275
credential exposure events

Employee Affected Events

356
account email domain = jcb.co.jp

Client Affected Events

35,919
service target = jcb.co.jp

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
12,0008,0004,0000
peak month 10,420
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events5,593
Share15%
Data breaches
Events30,682
Share85%
Infostealer logs (15%)
5,593events
Data breaches (85%)
30,682events

356 compromised employee accounts pose an infrastructure risk, while 35,919 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender164
Windows Defender ウイルスバスター クラウド75
Windows Defender ESET Security17
Windows Defender マカフィー8
Windows Defender マカフィー セキュリティエージェント6
Windows Defender マカフィー ウイルススキャン ノートン 3605
Windows Defender Sophos Intercept X5
Windows Defender.5
Windows Defender ノートン セキュリティ5

Malware Families Distribution

Distribution of Active Stealer Strains

LummaC2773
Rhadamanthys675
Vidar518
Redline513
Acreed370
Remus115
Millenium93
Raccoon73
StealC31

Top Login URLs

Top exposed services found in the event results

  1. 1https://my.jcb.co.jp/Login2,888
  2. 2https://my.jcb.co.jp2,659
  3. 3my.jcb.co.jp2,251
  4. 4my.jcb.co.jp/Login1,827
  5. 5https://my.jcb.co.jp/1,363
  6. 6jcb.co.jp1,060
  7. 7my.jcb.co.jp/876
  8. 8https://my.jcb.co.jp/iss-pc/member/user_manage/regist_id/userRegistIdInput.html850
  9. 9https://jcb.co.jp803
  10. 10my.jcb.co.jp/login800

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Japan
Events3,210
United States
Events34
Malaysia
Events31
Philippines
Events14
India
Events14
Thailand
Events13
Taiwan
Events13

Country Breakdown

  1. 1Japan3,210
  2. 2United States34
  3. 3Malaysia31
  4. 4Liechtenstein16
  5. 5Philippines14
  6. 6India14
  7. 7Thailand13
  8. 8Taiwan13

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11544
Windows 11 Home339
Windows 11 24H2 build 26100 (64 Bit)284
Windows 10 22H2 build 19045 (64 Bit)208
Windows 10 Enterprise x64173

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
30,573
Combolist pools
109
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.