Back

key.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event impacting key.com, with 72,257 historical data breaches and 7,029 active infostealer logs observed over the reporting period. The data breaches represent 91.1% of the total events, while infostealer activity accounts for 8.9%. Employee and client data appear to be the primary targets, with 46,224 employee-related events and 33,062 client-related events. The timeline shows a surge in employee and client events in September 2025 and January 2026, coinciding with periods of high infostealer activity. Malware families such as Redline, LummaC2, and Rhadamanthys are prominent, suggesting credential harvesting and data exfiltration are ongoing threats. The targeted services are primarily related to the "ibx.key.com" domain, indicating potential compromise of online banking or financial services portals. The majority of the exposure originates from the United States, with significant activity also noted in the Netherlands and Germany.

Total Events

79,286
credential exposure events

Employee Affected Events

46,224
account email domain = key.com

Client Affected Events

33,062
service target = key.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
15,00010,0005,0000
peak month 12,979
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events7,029
Share9%
Data breaches
Events72,257
Share91%
Infostealer logs (9%)
7,029events
Data breaches (91%)
72,257events

46,224 compromised employee accounts pose an infrastructure risk, while 33,062 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender147
Windows Defender Webroot SecureAnywhere9
Windows Defender McAfee VirusScan2
Kaspersky2
Bitdefender1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline2,428
LummaC2754
Rhadamanthys676
Acreed512
Vidar227
X-Files76
Millenium70
RisePro37
Blank Grabber30

Top Login URLs

Top exposed services found in the event results

  1. 1https://ibx.key.com/ibxolb/login/index.html3,407
  2. 2https://ibx.key.com2,515
  3. 3ibx.key.com2,442
  4. 4ibx.key.com/ibxolb/login/index.html1,913
  5. 5https://ibx.key.com/ibxolb/olb/index.html1,583
  6. 6key.com1,579
  7. 7https://ibx.key.com/ibxolb/olb/signInClient.html1,197
  8. 8ibx.key.com/ibxolb/olb/index.html1,168
  9. 9ibx.key.com/ibxolb/olb/signInClient.html838
  10. 10android://yYMmdkVTkp1HcjZIwj1asHrs9yWQg7v3giAarY5LVHj1hQi1VLyf_K7AP_uddXUN9gsJT8DZXQglXC5OgfhNEw==@com.key.android/743

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events2,916
Netherlands
Events428
Germany
Events389
Denmark
Events146
India
Events82
Indonesia
Events65
France
Events51
United Kingdom
Events42

Country Breakdown

  1. 1United States2,916
  2. 2Netherlands428
  3. 3Germany389
  4. 4Denmark146
  5. 5India82
  6. 6Indonesia65
  7. 7France51
  8. 8United Kingdom42

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Citrix36
Pulse Secure23
WordPress21
Cisco (AnyConnect)17
FortiNet VPN10
Git9

Operating System Distribution

Distribution of compromised endpoint builds

Windows 11705
Windows 11 24H2 build 26100 (64 Bit)429
Windows 10 Home x64261
Windows 10 Enterprise x64248
Windows 10148

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
61,569
Combolist pools
10,688
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.