Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Analyze » DAYO Media & Communications » DAY1411014112625

Incident Score: Analysis & Impact (DAY1411014112625)

The details regarding individual company incidents & reports gives you full view from every side.

Rankiteo Score Impact Analysis

Rankiteo Incident Impact-63
Company Score Before Incident749 / 1000
Company Score After Incident686 / 1000
INCIDENT NUMBERDAY1411014112625
Type of Cyber IncidentBreach
ATTACK VECTORNA
DATA EXPOSEDName, Social Security number, Address,...
INCIDENT DATE18/05/2025
STATUSOngoing (as of November 24, 2025, review of impacted data and individuals in progress)

Key Highlights From The Incident Analysis

  • Timeline of DAYO Media & Communications's Breach and lateral movement inside company's environment.
  • Overview of affected data sets, including SSNs and PHI, and why they materially increase incident severity.
  • How Rankiteo’s incident engine converts technical details into a normalized incident score.
  • How this cyber incident impacts DAYO Media & Communications Rankiteo cyber scoring and cyber rating.
  • Rankiteo’s MITRE ATT&CK correlation analysis for this incident, with associated confidence level.

Full Incident Analysis Transcript

In this Rankiteo incident briefing, we review the DAYO Media & Communications breach identified under incident ID DAY1411014112625.

The analysis begins with a detailed overview of DAYO Media & Communications's information like the linkedin page: https://www.linkedin.com/company/dayo-media-&-communications, the number of followers: 328, the industry type: Public Relations and Communications Services and the number of employees: 6 employees

After the initial compromise, the video explains how Rankiteo's incident engine converts technical details into a normalized incident score. The incident score before the incident was 749 and after the incident was 686 with a difference of -63 which is could be a good indicator of the severity and impact of the incident.

In the next step of the video, we will analyze in more details the incident and the impact it had on DAYO Media & Communications and their customers.

On 24 November 2025, DM&C disclosed Data Breach and Unauthorized Access issues under the banner "DM&C Data Breach Involving Sensitive Personal and Health Information".

DM&C announced a data breach where unauthorized access to internal records occurred between May 19 and May 22, 2025.

The disruption is felt across the environment, affecting Internal records, and exposing Name, Social Security number and Address.

In response, teams activated the incident response plan, while recovery efforts such as Credit monitoring services offered to affected individuals continue, and stakeholders are being briefed through Breach notice posted on website and Notification letters mailed to impacted individuals (November 24, 2025).

The case underscores how Ongoing (as of November 24, 2025, review of impacted data and individuals in progress), with advisories going out to stakeholders covering Breach notice posted on website and Notification letters mailed to impacted individuals with details of exposed data and credit monitoring services.

Finally, we try to match the incident with the MITRE ATT&CK framework to see if there is any correlation between the incident and the MITRE ATT&CK framework.

The MITRE ATT&CK framework is a knowledge base of techniques and sub-techniques that are used to describe the tactics and procedures of cyber adversaries. It is a powerful tool for understanding the threat landscape and for developing effective defense strategies.

MITRE ATT&CK® Correlation Analysis

Rankiteo's analysis has identified several MITRE ATT&CK tactics and techniques associated with this incident, each with varying levels of confidence based on available evidence. Under the Initial Access tactic, the analysis identified Valid Accounts (T1078) with moderate to high confidence (70%), supported by evidence indicating unauthorized third party gained access to its internal systems (May 19-22, 2025) and Exploit Public-Facing Application (T1190) with moderate confidence (50%), supported by evidence indicating unauthorized access to internal records (no explicit vector, but common for external-facing systems). Under the Collection tactic, the analysis identified Data from Local System (T1005) with high confidence (90%), supported by evidence indicating sensitive PII/PHI ... names, SSNs, medical history, health insurance details accessed. Under the Exfiltration tactic, the analysis identified Exfiltration Over Alternative Protocol (T1048) with moderate to high confidence (80%), supported by evidence indicating unauthorized access and acquisition confirmed (implies data removal) and Automated Exfiltration (T1020) with moderate confidence (60%), supported by evidence indicating large-scale PII/PHI exposure suggests automated collection/exfiltration. Under the Impact tactic, the analysis identified Data from Cloud Storage (T1530) with moderate to high confidence (70%), supported by evidence indicating internal records (potentially cloud-hosted) containing PII/PHI accessed and Data Destruction (T1485) with lower confidence (10%), supported by evidence indicating no explicit destruction mentioned, but high-severity breach implies potential tampering. Under the Defense Evasion tactic, the analysis identified File Deletion: Clear Linux or Mac System Logs (T1070.004) with lower confidence (40%), supported by evidence indicating delayed detection (May 19-22) suggests possible log tampering to evade detection. Under the Credential Access tactic, the analysis identified Account Discovery: Local Account (T1087.001) with moderate confidence (60%), supported by evidence indicating access to internal systems implies potential account enumeration for lateral movement. These correlations help security teams understand the attack chain and develop appropriate defensive measures based on the observed tactics and techniques.

Sources & References