The actor shared an export with a full list of client sub accounts they were able to export from...

Summary

A threat actor has publicly disclosed an export containing a full list of client sub-accounts extracted from Wasabi cloud storage, including account details such as IDs, names, account numbers, emails, and channel information. The actor deduplicated domain names extracted from email addresses in the export and shared the data publicly, indicating unauthorized access to Wasabi's customer account information.

Entities