Investigation report “AEDyR Information Leak”
Learn first-hand from our analysts about the new security breach happened on April 7 in the Spanish Desalination and Reutilization Association. Download the full report on the AEDyR case!
The credentials leakage is a threat for corporate security, although it takes place in technological assets of third parties. In this case, the breach that occurred because of a SQL injection attack on its web page, provoked the information leak about partners and companies belonging to AEDyR.
The list of affected is quite extensive and includes companies from different sectors related to water treatment and infrastructures. In total, 417 affected email accounts were identified, which were distributed in over 180 different domains, mostly corporate ones.
Our team of experts come to the conclusion that a bad the poor user password management could have become a window of opportunity for the attackers who might have gained access to some accounts if they managed to break stored password hashes.