Mak Unatrac

We've been tracking an uptick in breaches impacting industrial supply chains, and a recent discovery caught our attention due to its age and potential persistence in combolists. While the volume wasn't massive, the target – Mak Unatrac, a UK-registered arm of the Mantrac Group specializing in marine engines – suggested a focused interest in specific industrial sectors. The data had been circulating quietly for years, but we noticed it resurface in a new, aggregated combolist targeting maritime and logistics companies. What really struck us wasn't the initial impact, but the potential for ongoing credential stuffing attacks leveraging this older breach data.

The Legacy Leak: Mak Unatrac's 14.6k Records Resurface

The Mak Unatrac breach, dating back to August 2018, exposed 14,690 user records. The compromised data included email addresses and password hashes. While the specific hashing algorithm remains unknown, the age of the breach and the potential for weak or outdated hashing methods raise concerns. This incident highlights the long tail of data breaches and the continued risk posed by older compromised credentials. The breach was discovered after the data resurfaced in a combolist shared on a popular hacking forum.

Key point: Total records exposed: 14,690

Key point: Types of data included: Email Address, Password Hash

Key point: Source structure: Unknown

Key point: Leak location(s): Hacking Forum (unspecified)

Key point: Date of first appearance: 26-Aug-2018

This breach caught our attention not just because of the victim, but because of the timing. The data had been circulating quietly for years, but we are now seeing it being actively used in credential stuffing attacks against related industries. This suggests that attackers are not only hoarding breached data, but also actively analyzing and leveraging it for targeted campaigns. This matters to enterprises now because it demonstrates the ongoing risk associated with even seemingly "old" breaches. Credentials compromised years ago can still be used to gain unauthorized access to systems and data today.

This incident ties into broader threat themes surrounding the automation of attacks and the persistence of breached data. Attackers are increasingly using automated tools to test compromised credentials against multiple targets, and the availability of large combolists makes this process even easier. The fact that this Mak Unatrac data is still being used years later underscores the need for organizations to proactively monitor for compromised credentials and implement robust password security measures.

External Context & Supporting Evidence

While specific news coverage of the original Mak Unatrac breach is limited, the incident aligns with a broader trend of cyberattacks targeting the maritime and logistics industries. A 2020 report by the Atlantic Council highlighted the growing cyber threat to the maritime sector, noting that "ports, shipping companies, and other maritime organizations are increasingly vulnerable to cyberattacks." The report emphasizes the potential for significant disruptions and financial losses resulting from these attacks. Additionally, various threat intelligence platforms and security blogs have documented the persistent use of combolists in credential stuffing attacks, highlighting the ongoing risk posed by older breached data. One Telegram post claimed the files were "recycled to target new shipping companies, so update your passwords."

Email · Address · Password · Hash