Leader in Cyber Underwriting

Loading...

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Analyze » Surfshark » STASUR1779668969

Incident Score: Analysis & Impact (STASUR1779668969)

The details regarding individual company incidents & reports gives you full view from every side.

Rankiteo Score Impact Analysis

Rankiteo Incident Impact-167

Company Score Before Incident754 / 1000

Company Score After Incident587 / 1000

Company LinkView Surfshark Profile

INCIDENT NUMBERSTASUR1779668969

Type of Cyber IncidentBreach

ATTACK VECTORransomware, phishing, supply_chain_vulnerabilities

DATA EXPOSEDover 1 billion user accounts

INCIDENT DATE13/10/2025

STATUSpublished

Key Highlights From The Incident Analysis

Timeline of Surfshark's Breach and lateral movement inside company's environment.
Overview of affected data sets, including SSNs and PHI, and why they materially increase incident severity.
How Rankiteo’s incident engine converts technical details into a normalized incident score.
How this cyber incident impacts Surfshark Rankiteo cyber scoring and cyber rating.
Rankiteo’s MITRE ATT&CK correlation analysis for this incident, with associated confidence level.

Full Incident Analysis Transcript

In this Rankiteo incident briefing, we review the Surfshark breach identified under incident ID STASUR1779668969.

The analysis begins with a detailed overview of Surfshark's information like the linkedin page: https://www.linkedin.com/company/surfshark, the number of followers: 24823, the industry type: IT Services and IT Consulting and the number of employees: 495 employees

After the initial compromise, the video explains how Rankiteo's incident engine converts technical details into a normalized incident score. The incident score before the incident was 754 and after the incident was 587 with a difference of -167 which is could be a good indicator of the severity and impact of the incident.

In the next step of the video, we will analyze in more details the incident and the impact it had on Surfshark and their customers.

On 14 October 2025, a cybersecurity incident called "Global Data Breaches Reach Record Highs, Exposing Over 1 Billion Accounts in 2025" came to light.

A recent report by Surfshark reveals a sharp rise in global data breaches, with over 1 billion user accounts exposed worldwide between the first quarter of 2020 and the third quarter of 2025.

The disruption is felt across the environment, and exposing over 1 billion user accounts, with nearly over 1 billion records at risk.

Formal response steps have not been shared publicly yet.

Overall, the incident is a reminder of why proactive monitoring and strong governance matter.

Finally, we try to match the incident with the MITRE ATT&CK framework to see if there is any correlation between the incident and the MITRE ATT&CK framework.

The MITRE ATT&CK framework is a knowledge base of techniques and sub-techniques that are used to describe the tactics and procedures of cyber adversaries. It is a powerful tool for understanding the threat landscape and for developing effective defense strategies.

MITRE ATT&CK® Correlation Analysis

Rankiteo's analysis has identified several MITRE ATT&CK tactics and techniques associated with this incident, each with varying levels of confidence based on available evidence. Under the Initial Access tactic, the analysis identified Phishing (T1566) with high confidence (90%), supported by evidence indicating breaches driven by...phishing and Supply Chain Compromise (T1195) with moderate to high confidence (80%), supported by evidence indicating supply chain vulnerabilities. Under the Execution tactic, the analysis identified Exploitation for Client Execution (T1203) with moderate confidence (60%), supported by evidence indicating increasingly sophisticated cyberattacks. Under the Credential Access tactic, the analysis identified Brute Force (T1110) with moderate confidence (50%), supported by evidence indicating over 1 billion user accounts exposed and Credentials from Password Stores (T1555) with moderate confidence (60%), supported by evidence indicating data breaches affecting individuals and organizations. Under the Impact tactic, the analysis identified Data Encrypted for Impact (T1486) with moderate to high confidence (70%), supported by evidence indicating ransomware...driven by increasingly sophisticated cyberattacks. Under the Exfiltration tactic, the analysis identified Exfiltration Over C2 Channel (T1041) with moderate to high confidence (80%), supported by evidence indicating over 1 billion user accounts exposed worldwide and Automated Exfiltration (T1020) with moderate confidence (60%), supported by evidence indicating persistent and escalating threat landscape. These correlations help security teams understand the attack chain and develop appropriate defensive measures based on the observed tactics and techniques.

Initial Access

Phishing (90%)

Supply Chain Compromise (80%)

Execution

Exploitation for Client Execution (60%)

Credential Access

Brute Force (50%)

Credentials from Password Stores (60%)

Impact

Data Encrypted for Impact (70%)

Exfiltration

Exfiltration Over C2 Channel (80%)

Automated Exfiltration (60%)

Sources & References

Surfshark Rankiteo Cyber Incident Details: https://www.rankiteo.com/company/surfshark/incident/STASUR1779668969
Surfshark CyberSecurity Rating page: https://www.rankiteo.com/company/surfshark
Surfshark Rankiteo Cyber Incident Blog Article: https://blog.rankiteo.com/stasur1779668969-surfshark-statista-breach-october-2025/
Surfshark CyberSecurity Score History: https://www.rankiteo.com/company/surfshark/history
Surfshark CyberSecurity Incident Source: https://www.statista.com/statistics/1307426/number-of-data-breaches-worldwide/
Rankiteo A.I CyberSecurity Rating methodology: https://www.rankiteo.com/Images/rankiteo_algo.pdf
Rankiteo TPRM Scoring methodology: https://static.rankiteo.com/model/rankiteo_tprm_methodology.pdf