Back

ti.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The telemetry indicates a significant exposure event affecting ti.com, with 188,398 historical data breaches and 21,530 active infostealer logs observed between July 2025 and June 2026. The majority of these events, 89.7%, are attributed to historical data breaches, while 10.3% are active infostealer logs. The affected parties include 80,828 employees and 129,100 clients. Key malware families involved in infostealer activity include Redline, LummaC2, and Rhadamanthys. The data suggests a strong focus on credential harvesting, with targeted services including login portals and internal portals. The primary geographic origins of the telemetry are the United States, India, and China. The leak repository classification indicates that 79.2% of the data originated from combolist sources, suggesting widespread credential stuffing or reuse of compromised credentials.

Total Events

209,928
credential exposure events

Employee Affected Events

80,828
account email domain = ti.com

Client Affected Events

129,100
service target = ti.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
40,00026,66713,3330
peak month 33,313
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events21,530
Share10%
Data breaches
Events188,398
Share90%
Infostealer logs (10%)
21,530events
Data breaches (90%)
188,398events

80,828 compromised employee accounts pose an infrastructure risk, while 129,100 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender161
Windows Defender Norton Security22
Windows Defender [ON]11
Avast10
Malwarebytes6
Windows Defender McAfee VirusScan6
Windows Defender.1
腾讯电脑管家系统防护 [OFF]1
Bitdefender1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline4,987
LummaC22,923
Rhadamanthys2,743
Acreed1,619
Vidar1,357
StealC401
RisePro350
Remus172
Millenium154

Top Login URLs

Top exposed services found in the event results

  1. 1https://login.ti.com/as/authorization.oauth212,610
  2. 2https://myportal.ti.com/portal/dt9,345
  3. 3https://www.ti.com/myti/nsdocs/register8,283
  4. 4ti.com7,700
  5. 5myportal.ti.com/portal/dt7,013
  6. 6login.ti.com/as/authorization.oauth26,903
  7. 7https://login.ti.com5,183
  8. 8login.ti.com5,009
  9. 9ti.com/myti/nsdocs/register5,002
  10. 10https://myportal.ti.com4,834

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events1,765
India
Events1,456
China
Events1,320
Germany
Events519
Netherlands
Events491
Malaysia
Events410
Taiwan
Events368
Mexico
Events353

Country Breakdown

  1. 1United States1,765
  2. 2India1,456
  3. 3China1,320
  4. 4Germany519
  5. 5Netherlands491
  6. 6Malaysia410
  7. 7Taiwan368
  8. 8Mexico353

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Citrix112
Pulse Secure59
WordPress48
Git39
Jira (Atlassian)39
FortiNet VPN29
Cisco (AnyConnect)17

Operating System Distribution

Distribution of compromised endpoint builds

Windows 111,636
Windows 10 Enterprise x641,235
Windows 11 24H2 build 26100 (64 Bit)1,060
Windows 10 Pro736
Windows 10 22H2 build 19045 (64 Bit)713

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
149,120
Combolist pools
39,278
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.