A recent leak, stemming from a severe vulnerability in a popular file transfer tool, has led to the exposure of employee data from some of the world's largest companies. Reportedly, hackers accessed sensitive information through a critical flaw discovered in mid-year. The exposed data includes millions of records from companies across various industries such as finance, retail, technology, and healthcare, exacerbating concerns about employee privacy and corporate security.

The security vulnerability allowed attackers to bypass authentication protocols and gain unauthorized access to databases containing confidential information. Since [month] [year], attackers have stolen employee data (most of which was organized into structured directories with personal and company identifiers), triggering one of the largest data breaches in recent history. Reportedly, a hacker known by the alias "" recently posted these records on a major cybercrime forum, highlighting the breadth and depth of data currently in the hands of cybercriminals.

The scope and content of the violation, including the leaked data, can be traced back to [year] [month], which includes sensitive employee information such as names, email addresses, phone numbers, and cost center codes. In some cases, this data also maps out the entire organizational structure, creating detailed profiles of the affected companies. The affected companies include Amazon, HSBC, McDonald's, MetLife, Cardinal Health, and HP, among others. The number of records in each company's directory varies:

• Amazon: ,, records
• HSBC: , 1 record
• MetLife: , 1 record
• Cardinal Health Inc.: , 1 record
• , Record
• Lenovo: 1 record
• McDonald's:, 1 record

The leaked dataset from Amazon (confirmed by the company to be authentic) includes fields such as employee names, cost center codes, phone numbers, and job titles. The data from HSBC covers records from various international branches, listing users, employee status, and department codes.

Researchers confirmed the authenticity of the breach by matching email addresses from the leaked data with personal profiles and infection records of information-stealing malware that affected some employees of these companies.

This is not the first time the vulnerability (--) has been implicated in major breaches. In , the ransomware organization exploited the same vulnerability to launch a massive attack affecting global organizations, leaking millions of data. This attack was attributed to , highlighting the serious risks posed by unpatched vulnerabilities in widely used software tools. Many organizations affected by the attack experienced operational disruptions, legal consequences, and severe reputational damage. According to 's tracking page, the incident affected , organizations, resulting in the leakage of personal data of ,, people, making it one of the largest and most far-reaching data breaches in history.

In the recent case, it has not yet been confirmed whether or its affiliated companies are behind this leak. Although is notorious for targeting similar vulnerabilities in large-scale ransomware operations, researchers have not yet established any connection between this latest leak and the organization. The hackers behind this attack emphasized that the leaked data is only a small fraction of what they possess, suggesting that more data breaches may occur in the coming days. The threat actor urged companies to "pay attention" to the data about to be disclosed and hinted that more sensitive data will be made public.