CIC A.I CyberSecurity Scoring
CIC
Company Information
Website:http://www.unb.ca/cic
Employees number:61
Number of followers:12,494
NAICS:5417
Industry Type:Research Services
Homepage:unb.ca
CIC Risk Score (AI oriented)
Between 0 and 549
CICResearch Services
Updated:
03/04/2026
03/04/2026
482/1000
Critical
C
CIC Global Score (TPRM)
xxxx
CICResearch Services
Score locked

CICCritical
Current Score
482C (CRITICAL)
01000
3 incidents
-161 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
498
JUNE 2026
497
MAY 2026
488
APRIL 2026
485
MARCH 2026
482
FEBRUARY 2026
593
JANUARY 2026
752
Breach
23 Jan 2026 • CIC
Yahoo, Facebook, TikTok, Netflix, Microsoft Outlook, OnlyFans, Binance and Canadian service provider: Massive Data Breach Exposes 149 Million User Passwords For Gmail, Facebook, & More
Massive Credential Breach Exposes 149 Million Logins in Unsecured Database
591
CRITICAL-161
YAHFACTIKNETMICONLBINCAN1769189638
Massive Credential Breach Exposes 149 Million Logins in Unsecured Database
A security researcher recently uncovered a staggering data exposure involving 149 million usernames and passwords left unprotected on the internet. The database, hosted by a Canadian service provider, was freely accessible via a standard web browser, allowing anyone to search and extract sensitive login details without authentication. The breach remained active for about a month, with new credentials continuously added before the hosting provider took it offline following notification.
The compromised data spanned a wide range of platforms, including:
- Email services: 48 million Gmail, 4 million Yahoo, and 1.5 million Microsoft Outlook accounts
- Social media: 17 million Facebook, 780,000 TikTok, and 100,000 OnlyFans logins
- Streaming & entertainment: 3.4 million Netflix subscriptions
- Financial services: 420,000 Binance cryptocurrency accounts, along with banking and credit card details
- Government & education: 1.4 million .edu domain credentials and other official systems
Investigators traced the breach to infostealing malware, which infects devices through phishing, malicious downloads, or compromised websites. The malware logs keystrokes and captures login credentials, funneling them into centralized databases like the one discovered. Each entry included unique identifiers, suggesting the database was designed for large-scale criminal operations, such as account takeovers or ransomware attacks.
The implications of this breach are severe, with risks ranging from identity theft and financial fraud to potential espionage via compromised government and academic accounts. The incident reflects a broader trend of unsecured databases and the growing accessibility of cybercrime tools renting infrastructure for such operations can cost as little as $200–$300 per month, enabling even low-skilled threat actors to amass vast troves of data.
While no immediate exploits have been confirmed, the exposure underscores persistent vulnerabilities in data security practices. Similar breaches have repeatedly demonstrated how quickly stolen credentials circulate on underground forums, prolonging the threat long after the initial leak. The full impact of this incident may unfold over time as attackers exploit the exposed information.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
752
NOVEMBER 2025
752
OCTOBER 2025
751
SEPTEMBER 2025
751
AUGUST 2025
751
JANUARY 2025
750
Breach
01 Jan 2025 • CIC
Canadian Tire, Cisco, VMware and Juniper: Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION
Cybersecurity Roundup: Major Breaches, State-Backed Threats, and Critical Vulnerabilities
597
CRITICAL-153
CISVMWJUNCAN1772332146
Cybersecurity Roundup: Major Breaches, State-Backed Threats, and Critical Vulnerabilities
A wave of high-profile cyber incidents, state-sponsored attacks, and critical vulnerabilities has dominated recent cybersecurity news.
Law Enforcement Actions & Espionage
Spanish police arrested a young hacker for exploiting a payment gateway to book luxury hotel stays for just one cent. Meanwhile, a former U.S. defense contractor executive received an 87-month prison sentence for selling stolen trade secrets, including zero-day exploits, to a Russian broker. In a separate case, a Romanian national pleaded guilty to selling unauthorized access to Oregon state government networks and other U.S. victims.
State-Backed Threats & APT Activity
Google’s Threat Intelligence Group (GTIG) disrupted a China-linked APT, UNC2814, halting attacks on 53 organizations across 42 countries. The Lazarus Group, a North Korean APT, deployed Medusa ransomware against a Middle East target, while APT28 (Russia) launched Operation MacroMaze, exploiting webhooks for covert data exfiltration. Dutch intelligence warned of Russia escalating hybrid attacks, preparing for a prolonged standoff with Western nations.
Critical Vulnerabilities & Exploits
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple flaws to its Known Exploited Vulnerabilities (KEV) catalog, including:
- A Soliton Systems K.K FileZen vulnerability.
- Cisco SD-WAN flaws, abused since 2023 for full admin control.
- BeyondTrust (CVE-2026-1731) and VMware Aria Operations vulnerabilities enabling remote attacks.
Juniper issued an emergency patch for a critical PTX router RCE flaw, while Check Point researchers exposed flaws in Claude Code that could turn untrusted repositories into attack vectors.
Ransomware & Data Breaches
- Everest ransomware hit Vikor Scientific’s supplier, stealing data of 140,000 patients.
- ShinyHunters breached CarGurus, exposing 12.4 million users.
- ManoMano, a European DIY chain, suffered a breach impacting 38 million customers.
- Canadian Tire disclosed a 2025 breach affecting 38 million users.
- Olympique Marseille confirmed an attempted cyberattack following a data leak.
Emerging Threats & AI Risks
- 12 million exposed .env files revealed widespread security misconfigurations.
- Aeternum, a new botnet, hides commands in Polygon smart contracts.
- An AI-powered campaign compromised 600 FortiGate systems globally.
- Arkanix Stealer, an AI-assisted info-stealer, briefly operated before shutting down.
- CrowdStrike reported attackers moving through networks in under 30 minutes.
Geopolitical & Industry Developments
- Apple’s iPhone and iPad became the first consumer devices cleared for NATO ‘RESTRICTED’ classification.
- The U.S. Treasury sanctioned an exploit broker network for theft and sale of government cyber tools.
- Iran’s internet faced near-total blackouts amid U.S. and Israeli strikes.
- Ukraine reported cyberattacks on its energy grid being used to guide missile strikes.
Malware & Campaigns
- UAT-10027, a stealthy campaign, targeted U.S. education and healthcare with the Dohdoor backdoor.
- Starkiller, a phishing service, proxies real login pages, including MFA.
- North Korean actors deployed Medusa ransomware in a Middle East attack.
- A wormable XMRig campaign used BYOVD (Bring Your Own Vulnerable Driver) and a timed kill switch for stealth.
The past week underscored the growing sophistication of cyber threats, from state-sponsored espionage to AI-driven attacks and large-scale data breaches.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2023
750
Vulnerability
01 Apr 2023 • CIC
Carlsberg Brewery, Canadian Investment Regulatory Organization and White Box Technologies Inc.: NSA dual-hat question, third-party report, GhostPoster extensions
Cybersecurity Roundup: Leadership Shifts, Third-Party Risks, and Emerging Threats
746
CRITICAL-4
CARCANWHI1768827977
Cybersecurity Roundup: Leadership Shifts, Third-Party Risks, and Emerging Threats
Recent developments in cybersecurity highlight evolving threats, regulatory breaches, and structural changes in U.S. defense leadership.
U.S. Cyber Command-NSA Leadership Under Review
Army Lt. Gen. Joshua Rudd, nominated to lead the National Security Agency (NSA), U.S. Cyber Command (CYBERCOM), and the Central Security Service, announced during a confirmation hearing that he will assess the efficiency of the dual-hat leadership structure currently held by acting head Lt. Gen. William Hartman if confirmed. Rudd would succeed Gen. Timothy Haugh, who departed in April 2023.
Third-Party Apps Exploit Sensitive Data Without Justification
A report by Reflectiz analyzing 4,700 major websites over the past year found that 64% of third-party applications access sensitive data without a legitimate business need, up from 51% in 2024. Government and education sectors were most affected, with tools like Google Tag Manager, Shopify, and Facebook Pixel frequently implicated. The findings underscore a growing "governance gap" in data access controls.
GhostPoster Malware Expands, Infects 840,000 Users
Researchers at Koi Security identified 17 additional malicious browser extensions tied to the GhostPoster campaign, bringing total installations to 840,000 across Chrome, Firefox, and Edge. The extensions embed malicious JavaScript in logo images to monitor browsing activity, hijack affiliate links, and execute ad fraud. While removed from official stores, the campaign’s reach highlights persistent supply-chain risks.
Law Enforcement Targets Black Basta Ransomware Operatives
Ukrainian and German authorities have identified two Ukrainian suspects linked to the Russia-affiliated Black Basta ransomware group, accusing them of cracking passwords from stolen data. A 36-year-old Russian national, Oleg Nefedov, was named as the alleged leader and placed on an international wanted list, with potential ties to the Conti gang.
Incidents Impacting Critical Sectors
- Anchorage Police Department: A January 7 cyberattack on third-party vendor White Box Technologies Inc. disrupted operations, though officials stated no sensitive data was compromised.
- Canadian Investment Regulatory Organization (CIRO): A sophisticated phishing attack in August 2023 exposed 750,000 investors’ PII and financial data, though login credentials were unaffected.
- Grubhub: Hackers breached systems and issued extortion demands, though details on timing and compromised data remain undisclosed. The incident may be linked to a separate cryptocurrency scam using Grubhub’s subdomain.
- Carlsberg Brewery: A vulnerability in visitor wristband systems allowed unauthorized access to hundreds of attendees’ photos and names via brute-force attacks. The issue, reported in August 2023, remains unresolved.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for CIC ??
What was CIC's A.I Rankiteo Cyber Score in June 2026 ??
What was CIC's A.I Rankiteo Cyber Score in May 2026 ??
What was CIC's A.I Rankiteo Cyber Score in April 2026 ??
What was CIC's A.I Rankiteo Cyber Score in March 2026 ??
What was CIC's A.I Rankiteo Cyber Score in February 2026 ??
What was CIC's A.I Rankiteo Cyber Score in January 2026 ??
What was CIC's A.I Rankiteo Cyber Score in December 2025 ??
What was CIC's A.I Rankiteo Cyber Score in November 2025 ??
What was CIC's A.I Rankiteo Cyber Score in October 2025 ??
What was CIC's A.I Rankiteo Cyber Score in September 2025 ??
What was CIC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on CIC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with CIC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view CIC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?