Massive Data Breach Exposes 760K Employees at Xerox, Nokia, Bank of America, and More

Dec 3, 2024

In yet another high-profile cyberattack, a data breach has exposed sensitive information belonging to over 760,000 employees of major companies, including Xerox, Nokia, Bank of America, and Morgan Stanley. The breach stems from a vulnerability in the MOVEit file transfer tool, which was exploited by the Russia-affiliated Cl0p ransomware group.

What Happened?

The leak, made public on December 2, 2024, was orchestrated by a threat actor going by the alias "Nam3L3ss", who began releasing what appears to be authentic employee data. This incident follows the broader MOVEit vulnerability exploitation wave, initially discovered in May 2023.

What Was Exposed?

The compromised data includes:

  • Full Names

  • Phone Numbers

  • Email Addresses

  • Job Titles

  • Employee Badge Numbers

  • Workplace Locations

This level of detail could be highly lucrative for cybercriminals looking to carry out social engineering attacks or other targeted threats.

Affected Companies & Employee Count:

Massive Data Breach Exposes 760K Employees at Xerox, Nokia, Bank of America Summary

Why It Matters?

Experts warn that the exposure of such granular data could result in widespread phishing attempts and other scams targeting both the employees and their organizations. Zack Ganot, Chief Strategy Officer at Atlas Privacy, highlighted the severity, stating:

"Knowing exactly what employee sits on which team, who they report to, what their badge number is, what building they work in, their organizational email and phone number – this is some wild stuff for an attacker looking to exploit an organization."

What’s Next?

Although the affected organizations have not publicly commented, investigations are underway to assess the full scope of the breach. The incident underscores the need for stronger cybersecurity measures, particularly for widely used tools like MOVEit.

This breach follows a pattern of major leaks exploiting file transfer vulnerabilities, impacting thousands of organizations and millions of individuals worldwide.

Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.

Latest News

ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack
ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack
ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack
ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack

ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack

ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack

ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack

ShinyHunters Breach Exposes 1.5 Billion Salesforce Records via Drift OAuth Hack

Sep 18, 2025

North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack
North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack
North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack
North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack

North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack

North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack

North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack

North Korean Hackers Exploit ChatGPT to Forge Military IDs in Phishing Attack

Sep 17, 2025

China’s Great Firewall Leak Exposes Global Surveillance Technology Exports
China’s Great Firewall Leak Exposes Global Surveillance Technology Exports
China’s Great Firewall Leak Exposes Global Surveillance Technology Exports
China’s Great Firewall Leak Exposes Global Surveillance Technology Exports

China’s Great Firewall Leak Exposes Global Surveillance Technology Exports

China’s Great Firewall Leak Exposes Global Surveillance Technology Exports

China’s Great Firewall Leak Exposes Global Surveillance Technology Exports

China’s Great Firewall Leak Exposes Global Surveillance Technology Exports

Sep 16, 2025

HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025
HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025
HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025
HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025

HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025

HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025

HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025

HackerOne Data Breach via Salesforce-Drift Integration: Technical Breakdown 2025

Sep 11, 2025

CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks
CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks
CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks
CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks

CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks

CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks

CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks

CISA Flags WhatsApp Zero-Day Vulnerability Exploited in Zero-Click Spyware Attacks

Sep 4, 2025

Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales
Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales
Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales
Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales

Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales

Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales

Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales

Jaguar Land Rover Cyberattack 2025: IT Shutdown Halts Production and Sales

Sep 3, 2025

Get updates in your inbox directly

You are now subscribed.

Get updates in your inbox directly

You are now subscribed.

Get updates in your

inbox directly

You are now subscribed.

Get updates in your inbox directly

You are now subscribed.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.

Enable your employees as first line of defense and expand your digital footprints without any fear.