Atmax Database Leaked: Sensitive Employee and User Information Compromised

Company Overview

• Name: Atmax
• Industry: Sales Performance Management
• Headquarters: India
• Overview: Atmax offers software solutions aimed at optimizing sales performance through data analytics and automation.

Breach Details

• Date of Breach: June 2023
• Disclosed by: IntelBroker, a notorious hacker and administrator on BreachForums, a platform widely used for trading and leaking stolen data​(Enterprise Technology News and Analysis,Wikipedia).
• Data Compromised:
  • User Data:
    • User IDs, email addresses, hashed passwords, full names, account statuses (enabled/disabled), roles, secret keys, and login histories.
  • Employee Data:
    • Extensive personal and professional information, including full names, dates of birth, gender, job descriptions, employment statuses, official email IDs, bank account details, salary structures, performance reviews, and more​(CPO Magazine,Wikipedia).
• Significance: The breach exposed 36,769 records, making it a significant data leak affecting both customers and employees.

Threat Actor Profile

• Name/Alias: IntelBroker
• Affiliation: BreachForums
• Reputation: IntelBroker is known for leaking high-profile data from organizations like AMD, Apple, and Europol. Their activities have led to increased scrutiny from global law enforcement​(Enterprise Technology News and Analysis,Wikipedia).
• Forum Activity:
  • Posts: 1,586
  • Threads: 275
  • Reputation Points: 4,290
  • IntelBroker has a history of selling or releasing data from significant breaches, which often include sensitive corporate and government information​(Enterprise Technology News and Analysis).

Impact Analysis

• Total Records Exposed: 36,769 users
• Potential Consequences:
  • Identity Theft: Exposure of personal and employment details increases the risk of identity theft and fraud.
  • Phishing Attacks: The availability of official email addresses and job roles can lead to targeted phishing attempts.
  • Financial Fraud: The leaked bank account details and salary information could lead to unauthorized financial activities.
  • Reputation Damage: Atmax may face a severe loss of trust among customers and employees, leading to potential financial losses and legal actions​(CPO Magazine,Wikipedia).
  • Legal and Regulatory Consequences: Atmax may be subject to fines and penalties under data protection laws, depending on the jurisdictions involved.