Pax8 mistakenly sent a sensitive spreadsheet containing internal business and licensing data to fewer than 40 UK-based partners, leading to potential exposure of partner and customer information. Threat actors are now attempting to purchase the leaked dataset, which could be exploited for targeting or fraud. #Pax8DataLeak #MSPLicensingInformation
Keypoints
- Pax8 accidentally sent a spreadsheet containing sensitive internal data to a small group of UK partners.
- The compromised file included customer details, licensing information, and Microsoft program data.
- Pax8 responded quickly by requesting recipients delete the email and attachment and conducted internal reviews.
- Threat actors are currently trying to buy the leaked dataset for malicious purposes.
- The incident could enable targeted phishing, BEC attacks, or competitive intelligence gathering.