Due to the nature of our industry, products and services, OWL Cybersecurity cannot discuss specific, identifiable client information. We are happy to provide you with a client reference if circumstances permit. Please see below for examples of successes achieved with the OWL Vision platform.
Investment Firm Clients' Account Info Available on the Internet
OWL Cybersecurity discovered account information for a top investment firm’s clients on improperly secured servers. The account-related information, available publicly to people outside of the organization, included Personally Identifiable Information (PII) such as clients’ account numbers and Social Security numbers. Based on this DARKINT, OWL Cybersecurity was able to advise the investment firm accordingly on remediation which included requesting removal of the information and/or securing the servers hosting this information.
MAJOR U.S. HEALTHCARE ORGANIZATION EXPOSES PROPRIETARY DATA
OWL Cybersecurity identified the public availability of sensitive human resources and internal network information during an investigation using OWL Vision and DARKINT. This information, including internal use only documents, images, and diagrams, was found on a system which normally requires credentials for access. OWL Cybersecurity notified the organization and recommended steps to properly secure proprietary data.
Fortune 20 financial services company bleeds credentials
OWL Cybersecurity detected the ongoing sale of a client’s internal account credentials on a Middle Eastern website, including administrative level credentials and credentials for remote terminals in several countries. With this threat intelligence, the company identified breach sources and modified its practices in order to secure account credentials.
OWL Vision alerts to disclosure of telcom organization’s internal use only training documentation
Through OWL Vision and DARKINT, OWL Cybersecurity identified internal use only training documents on misconfigured client and third party websites. This information, of value to many outside of the organization, especially competitors, divulges internal policies and processes. OWL assisted the client with ensuring client websites were properly configured and the documents residing on third party websites were removed.
Fortune 100 company pinpoints client’s breach data
Within fifteen minutes of using DARKINT and OWL Vision for the first time, a multinational technology company pinpointed the darknet location of a client’s breached data. After identifying the source, using an OWL Vision sample search, the organization was able to have the data safely removed on behalf of their client.
Financial firm investor credentials exposed outside of organization
The team at OWL Cybersecurity was alerted by DARKINT to the exposure of numerous investor credentials captured by malware. At the time, the malware was not yet publicly identified. These credentials were intended to access the financial firm’s website and manage individual investor funds and accounts. OWL Cybersecurity delivered this intelligence to the organization and recommended the firm provide ongoing account monitoring and contact clients regarding password resets.
Medical facility leaks protected health information of patients
The OWL Cybersecurity team, with the help of OWL Vision and DARKINT, discovered the exposure of patient records containing Protected Health Information (PHI). An unsecured FTP server belonging to a medical facility had been hosting the documents. OWL Cybersecurity immediately notified the client, and the medical records were removed to prevent further exposure of protected information.
Attackers track actions and activities of executives
OWL Cybersecurity identified DARKINT consisting of online chatter that outlined the movements of several senior mining company executives. The discussion involved an apparent plan to target South American facilities during executive absences. This intelligence was relayed to the organization within a timeline that allowed for modification of the executives’ movements as well as an overhaul of their communication and travel platforms.
Personally identifiable information found in publicly exposed HR document
OWL Cybersecurity detected a sensitive human resources (HR) document, belonging to a healthcare organization, openly available on a public posting webpage. The HR document contained Personally Identifiable Information (PII), valuable to criminals collecting and reselling PII or using PII to steal identities. Due to the intimate details contained in the document, OWL was not privy to the ultimate resolution; however, the team notified the client and the issue was rapidly elevated to the highest levels of management.