Defion Security was allegedly breached after an actor compromised three publicly accessible ESXi hosts and escalated privileges to gain deep access to the company’s systems. After an alleged failed extortion attempt in which the company patched the vulnerability but did not respond, the actor is offering exfiltrated data—including a full Splunk dump, ticketing system records, C-level PST/OST email files, partner documents, and backups—for sale on a hacker forum.
Key points
- Three publicly accessible ESXi hosts were reportedly compromised.
- The actor escalated privileges to gain deep access to Defion Security’s systems.
- Allegedly exfiltrated data includes a full Splunk dump, ticketing records, C-level PST/OST emails, partner documents, and ESXi backups.
- An attempted extortion allegedly failed after the company patched the exploited vulnerability but did not engage with the actor.
- The threat actor is now attempting to sell the stolen data on a hacker forum.
Read More: https://dailydarkweb.net/defion-security-data-breach-esxi-hosts-compromised/