Back

lamresearch.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event impacting lamresearch.com, with a risk score of 100. The primary concern stems from 45,537 historical data breaches, representing 95.5% of the total events, and 2,169 active infostealer logs, accounting for 4.5%. Employee accounts are the most affected category with 45,444 instances, followed by clients with 2,262. The timeline shows a surge in employee-related events in September 2025 and January 2026, and client-related events peaking in September 2025 and March 2026. Malware analysis reveals Redline as the dominant infostealer family, present in 80.7% of observed malware. The high volume of historical data breaches and active infostealer logs, particularly targeting employee credentials, presents a critical risk of further compromise and unauthorized access. The prevalence of Redline infostealer suggests a focus on credential harvesting. Remediation efforts should prioritize investigating the root cause of the historical data breaches, enhancing credential security measures, and implementing robust endpoint detection and response to counter active infostealer threats. Given the nature of the domain and the services targeted, such as Microsoft and VPN solutions, a focus on securing access points and user accounts is paramount.

Total Events

47,706
credential exposure events

Employee Affected Events

45,444
account email domain = lamresearch.com

Client Affected Events

2,262
service target = lamresearch.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
15,00010,0005,0000
peak month 12,717
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events2,169
Share5%
Data breaches
Events45,537
Share96%
Infostealer logs (5%)
2,169events
Data breaches (96%)
45,537events

45,444 compromised employee accounts pose an infrastructure risk, while 2,262 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender.3
Windows Defender3
Avast3
Bitdefender2
Avira1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline1,751
LummaC280
Rhadamanthys64
Acreed45
X-Files25
Vidar18
Millenium15
RisePro6
StealC5

Top Login URLs

Top exposed services found in the event results

  1. 1lamresearch.com513
  2. 2https://careers.lamresearch.com173
  3. 3careers.lamresearch.com166
  4. 4https://signin.lamresearch.com/adfs/ls/113
  5. 5https://signin.lamresearch.com/93
  6. 6https://signin.lamresearch.com60
  7. 7signin.lamresearch.com/adfs/ls/58
  8. 8signin.lamresearch.com42
  9. 9signin.lamresearch.com/33
  10. 10https://careers.lamresearch.com/talentcommunity/login/29

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events487
Netherlands
Events410
Germany
Events351
Denmark
Events165
India
Events77
United Kingdom
Events58
France
Events45
Taiwan
Events37

Country Breakdown

  1. 1United States487
  2. 2Netherlands410
  3. 3Germany351
  4. 4Denmark165
  5. 5India77
  6. 6United Kingdom58
  7. 7France45
  8. 8Taiwan37

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Microsoft288
Citrix48
Pulse Secure33
FortiNet VPN21
Git10
Cisco (AnyConnect)5
Jira (Atlassian)3

Operating System Distribution

Distribution of compromised endpoint builds

Windows Server 2008 R2 x32137
Windows 10 Enterprise x32137
Windows Server 2016 x32133
Windows 10 Home x32124
Windows Server 2019 x32123

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
35,651
Combolist pools
9,886
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.