Infiltration of Zacks’ active directory as domain admin enabled the theft of source code belonging to the company’s primary website and 16 others, according to the threat actor, who has been peddling the exfiltrated account information, including full names, usernames, physical and email addresses, and phone numbers, for a small amount of cryptocurrency.
Almost 12M Zacks Investment Research accounts exposed
