Back

mediaplex.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event for mediaplex.com, with 308 historical data breaches and 18 active infostealer logs observed between July 2025 and June 2026. The data breaches represent 94.5% of the total events, impacting 175 employees and 151 clients. Infostealer activity, accounting for 5.5% of events, primarily involved the Acreed and Millenium malware families. The primary affected service appears to be app.mediaplex.com, with Windows 11 being the most common operating system involved. Data sources for these events include combolist sources and database dumps. Given the high volume of historical data breaches and the presence of active infostealer logs, this situation poses a critical risk. The exposure of employee and client data, coupled with ongoing malware activity, necessitates immediate investigation and remediation. Prioritize the analysis of the data breach content and the active infostealer logs to understand the full scope of compromised information and to identify and neutralize the malware threats.

Total Events

326
credential exposure events

Employee Affected Events

175
account email domain = mediaplex.com

Client Affected Events

151
service target = mediaplex.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
10067330
peak month 94
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events18
Share6%
Data breaches
Events308
Share95%
Infostealer logs (6%)
18events
Data breaches (95%)
308events

175 compromised employee accounts pose an infrastructure risk, while 151 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

No Data Available

Malware Families Distribution

Distribution of Active Stealer Strains

Acreed9
Millenium3

Top Login URLs

Top exposed services found in the event results

  1. 1http://app.mediaplex.com/36
  2. 2app.mediaplex.com23
  3. 3app.mediaplex.com/22
  4. 4https://app.mediaplex.com19
  5. 5https://app.mediaplex.com/18
  6. 6http://app.mediaplex.com8
  7. 7mediaplex.com4
  8. 8app.mediaplex.com/adserver/ui_pswd.upsert3
  9. 9adfarm.mediaplex.com/2
  10. 10http://app.mediaplex.com/adserver/ui_pswd.upsert2

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events12
India
Events3
Australia
Events1

Country Breakdown

  1. 1United States12
  2. 2India3
  3. 3Australia1

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1112
Windows 11 Home Single Language 25H2 (Build 26200)3

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
175
Combolist pools
133
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.