Back

packagingcorp.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure of packagingcorp.com data, with 42,615 historical data breaches and 1,769 active infostealer logs observed over the reporting period. The majority of these events, 96%, are attributed to historical data breaches, while 4% are active infostealer logs. Employee credentials appear to be the primary target, accounting for 43,719 events, followed by client data with 665 events. The dominant malware family associated with infostealer activity is Redline, representing 98.3% of observed malware. The data suggests a high-risk environment, with a risk score of 100, necessitating immediate attention to credential security and data protection measures. The focus should be on identifying the root cause of the historical data breaches and actively mitigating ongoing infostealer threats, particularly those leveraging Redline malware, to prevent further compromise of employee and client information.

Total Events

44,384
credential exposure events

Employee Affected Events

43,719
account email domain = packagingcorp.com

Client Affected Events

665
service target = packagingcorp.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
12,0008,0004,0000
peak month 11,110
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events1,769
Share4%
Data breaches
Events42,615
Share96%
Infostealer logs (4%)
1,769events
Data breaches (96%)
42,615events

43,719 compromised employee accounts pose an infrastructure risk, while 665 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Avira3
Kaspersky2

Malware Families Distribution

Distribution of Active Stealer Strains

Redline1,739
Acreed8
LummaC22
Vidar1

Top Login URLs

Top exposed services found in the event results

  1. 1packagingcorp.com522
  2. 2https://login.packagingcorp.com/9
  3. 3https://login.packagingcorp.com/LoginPolicy.jsp8
  4. 4https://login.packagingcorp.com7
  5. 5login.packagingcorp.com/7
  6. 6packagingcorp.com:217
  7. 7https://login.packagingcorp.com/wap/LoginPolicy.jsp6
  8. 8login.packagingcorp.com/LoginPolicy.jsp6
  9. 9https://mail.packagingcorp.com/owa/auth/logon.aspx6
  10. 10https://auth.packagingcorp.com5

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Netherlands
Events436
United States
Events390
Germany
Events379
Denmark
Events155
France
Events41
United Kingdom
Events37
Sweden
Events29

Country Breakdown

  1. 1Netherlands436
  2. 2United States390
  3. 3Germany379
  4. 4Denmark155
  5. 5France41
  6. 6United Kingdom37
  7. 7Luxembourg32
  8. 8Sweden29

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Citrix34
Pulse Secure28
Git17
FortiNet VPN11
Cisco (AnyConnect)11

Operating System Distribution

Distribution of compromised endpoint builds

Windows Server 2016 x32143
Windows 10 Home x32137
Windows Server 2008 x32132
Windows 7 x32127
Windows Server 2019 x32127

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
32,100
Combolist pools
10,515
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.