Investigação ZoomInfo - Hacker Investigador

CONFIDENTIAL MAY - 2022
OPEN SOURCE
INTELLIGENCE REPORT
Harrison Marques Freitas - hmarx6@gmail.com - CPF: 701.853.916-13

CONFIDENTIAL OSINT REPORT MAY - 2022
T able O f C ontents
1 C onception ................................................................................. 5
1.1. Scope ......................................................................................................... 5
1.2. Disclaimer..................................................................................................... 5
2 Executive Summary..................................................................................... 6
3 Threat Model........................................................................................... 7
4 ZoomInfo Online Security........................................................................... 9

4.1 Phones Numbers............................................................................................ 9
4.2 Website Technologies.................................................................................... 9
4.3 Whois Leaks................................................................................................. 9
4.4 Domain Administrator’s Breaches................................................................. 11
4.5 Websites redirecting to ZoomInfo.com........................................................... 11
4.6 Public Case Files. ....................................................................................... 12
4.7 Leaked Emails............................................................................................. 12
5 ZoomInfo Physical Security. ..................................................................... 13

5.1 Headquarters Address. ............................................................................... 13
5.2 Key Offices................................................................................................ 14
6 Technology and Security.......................................................................... 15

6.1 Dome Security Camera on first floor:..................................................... 15
6.2 Glass doors with simple keylocks:......................................................... 15
6.3 Building Dumpster.................................................................................. 16
6.4 Parking Lots............................................................................................ 16
7 Zoom’s Leadership.................................................................................... 17
7.1 Zoom’s Directors. ...................................................................................... 17
7.2 Zoom’s Consel Members............................................................................... 17
7.3 L Schuck, Henry......................................................................................... 18
7.3.1 Employment................................................................................................. 18
7.3.2 Home.......................................................................................................... 18
7.3.3 Phones........................................................................................................ 18
7.3.4 Social Media & Accounts.............................................................................. 19
7.3.5 Family & Friends.......................................................................................... 19
7.3.6 Domains...................................................................................................... 19
7.3.7 Main Breches............................................................................................... 20
7.3.8 Leaks & Other Public Data........................................................................... 20
3
7.4 Nir, Hila.................................................................................................... 21

7.4.1 Employment................................................................................................. 21
7.4.2 Home.......................................................................................................... 21
7.4.3 Phones........................................................................................................ 21
7.4.4 Emails......................................................................................................... 21
7.4.6 Family & Friends.......................................................................................... 22
7.4.7 Main Breaches.............................................................................................. 22
7.5 Joseph Hays, Chistopher............................................................................... 23
7.5.1 Employment................................................................................................. 23
7.5.2 Phones........................................................................................................ 23
7.5.3 Home.......................................................................................................... 23
7.5.4 Emails......................................................................................................... 23
7.5.6 Main Breaches.............................................................................................. 24
7.6 Prasadh, Cadambi........................................................................................ 25
7.6.1 Employment................................................................................................. 25
7.6.2 Phones........................................................................................................ 25
7.6.3 Home.......................................................................................................... 25
7.6.4 Main Breaches.............................................................................................. 26
7.7 Mader, Mark.............................................................................................. 27
7.7.1 Employment................................................................................................. 27
7.7.2 Phones........................................................................................................ 27
7.7.3 Family & Friends.......................................................................................... 27
7.7.4 Emails......................................................................................................... 28
7.7.5 Education.................................................................................................... 28
7.7.7 Main Breaches.............................................................................................. 28
8 Investigator Profile................................................................................. 29
9 Apendix .............................................................................................. 30
4
1 C onCeption
1.1. SCope
The scope of the aforementioned OSINT (Open Source Intelligence)

report is: Any data exposures pertaining to the client’s upper management;
Any public visible information which could embarrass or otherwise damage
the company; Any data which could be used by hackers to carry out acts of
fraud, extortion, social-engineering, or other crimes against C-level staff or
the organization. Each goal listed above has been confirmed by Steadman
Protective Services.
1.2. DiSClaimer
All of the report’s data were obtained from publicly available resources.
The data is in compliance with agency policy as well as local and federal
law. During the investigation process, Doctor used publicly available tools.
Only verified data were presented. Doctor is available in the need of

further investigations, questions or requests. Please refer to the Doctor’s
email address and you’ll be reached as soon as possible:
5
2 Executive Summary
Zoominfo, at first sight, seems like a solid and reliable B2B service
collaborating with tech giants such as Google, Zoom, Snowflake, and T Mobile. But
underneath all of the elaborated software they offer - such as SalesOS, MarketingOS,
and TalentOS - there is a worrisome amount of exposed data coming from the
C-Level and Board Members.
Some of the compromised data are:
• Leaked Personal Emails;

• Leaked Family and Close Friends;
• Email breaches - some still private, being traded or sold on the Dark Net;
• Username and passwords revealed;
• Home address leaked;
• Compromising and embarrassing social media posts;
• The HQ building seen from inside on a virtual tour;
• And much more.
It became clear that although their own services are geared towards B2B
(business to business), with solid intel handled by an organization with market
cap over 27B USD, the five chosen Zoominfo's key-personnel in this investigation
have their own information "hidden in plain sight" in a just-enough manner to
allow hackers to use it for blackmail, attacks, and to explore even their website
Whois data, with the information scraped and a Domain Administrator shown to be
careless by using a work-related exposed email address.
The compromising data presented in this report can be thought of as a

pyramid - the most senior personnel in the Organization’s structure are the ones
that had the most personal data turned to be seen publicly. The CEO Henry Schuck,
for example, used the same username for almost all his accounts, exposed family
members such as children in multiple Instagram photos and their full name scraped
from a Twitter post made by the father. His wife, meanwhile, interacts with other
members of the C-level on Facebook and Instagram.
For each of the five chosen senior professionals, this report includes
recommendations to clean the compromising data and protect their reputation, so
the business continues to grow securely.
The recommendations and Operational Security are:
• Enforce change of all passwords to random 20+ characters each;

• Use a password manager software to generate and store the passwords;
• Migrate personal email to a new one, preferably a more private provider;
• Use different email aliases and usernames for each website account;
• Hide signatures from open web pages;
• Turn all personal social media private.
6
3 Threat Model
This Threat Model will approach the case where the source of the threat
comes from inside the organization.
With nearly 25% of the staff disapproving the top leadership, due to
organizational culture challenges and high pressure, there is a chance for an Insider
to act.
An Insider is an employee that can become a threat when using their
authorized access, wittingly or unwittingly, to do harm to the Organization's (in
this case, Zoom's) mission, resources, personnel, facilities, information, equipment,
networks or systems.
There is no effortless fix: improving relations between staff and leadership
takes a long time since Zoom has thousands of employees and multiple offices
around the world. On the other hand, a good start is to put to practice the OPSEC
mentioned in this report - and go even further by installing biometry, cameras, and
electronic locks - so the chances for an Insider to act maliciously at work goes
down.
The bigger an organization gets, the greater the chance that Hackers and
Cybercriminals will try to attack or extort its leaders - beginning with the CEO and
other C-level leaders, down to directors and managers. Because leaders are the
favorite target for Hackers and Cybercriminals (considered 'whales' to spear phish),
it’s extremely important to perform an OPSEC training, starting by applying privacy
techniques - Michael Bazzell's book Extreme Privacy is a recommended guide. A
couple of the targets in this report left enough information in public - mainly on
social media - for a criminal to use against them, embarrass them or even aim at
their families to perform extortion.
7
It's recommended to at least turn the top-leadership’s personal social media
private, if they are not used for institutional purposes (Private Instagram, clean
friends list, use fake names for new accounts), change old passwords, especially
the ones breached, and clear the unwanted online footprint (deleting old tweets,
hunting and removing old and unused accounts, etc.)
More recommendations for each target are available in the report.
Images source: https://www.indeed.com/cmp/Zoominfo
8
4 Zoominfo online SeCurity

4.1 phoneS numberS
Company Phone Numbers Notes
+1 866-904- Business Hours: 3 AM -8 PM EST (-5:00)
+1 844-992 Business Hours: 3 AM -8 PM EST (-5:00)
+1 781-693 Collected from WhoIs Scrape
Source: <https://www.zoominfo.com/about/contact>
4.2 WebSite teChnologieS

There are many technologies on ZoomInfo’s website -www.zoominfo.com-, such as:
CMO CDN Database Advert. Security Code Hosting
Wordpress Unpkg MySQL RedditAds PerimeterX PHP WP Engine
Google Cloud Outbrain Lit.html
Cloudflare Microsoft Ad. Lit-element
Zoominfo Crypto-js
Marketo Core-js
Eloqua JQuery
Google Analytics
Faceb. Pexel
4.3 WhoiS leakS Property Value

Name Zoom Information, Inc.
Organization Zoom Information, Inc.
Email @zoominfo.com
Address Road
Zip Code 02452
City walthan
State MA
Country US
Phone +1.7816
Fax +1.9999
NameServer DNS2.ZOOMINFO.COM
Created 2010-10-03 05:12:27
Changed 2015-01-29 01:02:06
Domain Name of Org. Domain Admin. Email Expires 2016-05-14 00:00:00
Zoominfo.com Zoom Information, Inc. zoominfo.com Registrar NETWORK SOLUTIONS, L
9
The address provided by the WhoIs in question (307 Waverley Oaks Rd) - and
one of the ZoomInfo’s headquarters (275 Waltham, MA) are only about 5 mi-
les between each other.
Source: https://www.google.com/maps/dir/275+Wyman+Street,+Waltham,+MA/307+Waverley+Oaks+R-
d,+Waltham,+MA+02452/
10
4.4 Domain aDminiStrator’S breaCheS

The Domain Administrator’s email - before the WhoIs data got protected - is seen as
zoominfo.com.
By searching, it was found that “Kenney” got their e-mail and compromising data
breached:
Target: kenney@zoominfo.com Date and compromised data

Apollo July 2018
Compromised Data #1 Email addresses, Employers, Geographic locations, Job titles,
Names, Phone numbers, Salutations, Social media profiles
Epik September 2021
Compromised Data #2 Email addresses, Names, Phone numbers, Physical addresses,
Purchases
Lead Hunter March 2020
Compromised Data #3 Email addresses, Genders, IP addresses, Names, Phone numbers,
Physical addresses
NetProspex 2016
Compromised Data #4 Email addresses, Employers, Job titles, Names, Phone numbers,
Physical addresses
Verifications.io Feb. 2019
Compromised Data #5 Dates of birth, Email addresses, Employers, Genders, Geographic
locations, IP addresses, Job titles, Names, Phone numbers,
Physical addresses
4.5 WebSiteS reDireCting to Zoominfo.Com

There are many domains that redirect to Zoominfo.com -
Domains
main page or deeper sections of the site.
zoominfo-privacy.com
The website everstring.io, for example, has no HTTPS. A zoominfo.co
modern browser will need permission to proceed to the
zoominfo.work
website and the connection is not secure.
zoominformationinc.com
Some of those are domain lookalikes (zzoominfo.com). zoominfo.com
Owning them is a good solution to avoid spearphishing
zoominfo.org
attacks, but there is still many ways such as using “l”
instead of an “i” in the word “info”. zoominfo-notice.com
zoominfogrow.com
The IT Team should ensure that none of them is
zoominfo.io
vulnerable to DDoS, IP/DNS leaks or Open Redirect
attacks. If there is no use for a redirect, it should be everstring.io
discarded. ...more on Source
Source: https://host.io/redirects/zoominfo.com
11
4.6 publiC CaSe fileS
Martinez v. ZoomInfo Technologies Inc

ZoomInfo Technologies LLC v. Tkxel, LLC
Zoominfo Technologies LLC, v. Salesgevity LLC, et al
ZoomInfo Technologies LLC v. Global Convergence, Inc.
Plaintiff- ZoomInfo Technologies LLC | Attorney Represented
ZOOMINFO TECHNOLOGIES LLC v. VALASYS MEDIA LLC
DEPT OF WORKFORCE SERVICES V ZOOMINFO TECHNOLOGIES -NON-TRIAL
...more on Source.
Source: <https://unicourt.com/search?q=ZoomInfo&a=all&p=2>
There are 37 Case Files available for the public at Unicourt.com. That gap allows the public
to see legal cases between the government, other organizations, and individuals linked to
ZoomInfo.
4.7 leakeD emailS

Dozens of emails are leaked, including the Leaked Emails
CTO’s address.
oward@zoominfo.com
This is a confirmed and dangerous opportunity dreau@zoominfo.com
for attacks like spearphishing. uckley@zoominfo.com
oominfo.com
The complete list of leaked emails can be found
on the Appendix. zoominfo.com
+140 leaked emails.
Source: <Spiderfoot - Desktop Version
12
5 ZoomInfo Physical Security
5.1 Headquarters Address
Source: https://capacitycommercial.com/properties/?propertyId=821339-lease
Source: Schuckpolo at Instagram
13
5.2 Key Offices

• 805 Broadway Street, Suite 800, Vancouver, WA 98660
• 695 Mansell Road, Suite 250, Roswell, GA 30076
• 1001 E Hector Street, Suite 400, Conshohocken, PA 19428
• 465 California Street, Suite 600, San Francisco, CA 94111
• 435 Ionia SW, Suite 200, Grand Rapids, MI 49503
• 1750 112th Avenue NE, Suite D-151, Bellevue, WA 98004
• 1850 Gateway Drive, Suite 400, San Mateo, CA 94404
• 275 Wyman Street, Waltham-Boston, MA 02451
• 7700 Old Georgetown Road, Suit 500, Bethesda, MD 20814
• 4 HaSheizaf Street, Ra'anana, Israel 4366411
• 133 Whitechapael High Street, London, United Kingdom E17QA
By researching the whereabouts with Google Maps, is possible to notice “For Lease”
signs on the building, going through all dates of capture. Example below.
For Lease Sign Date Source

Contact: Tamara Fuller, August 2021 Google Maps
Eric Anderson
Capacity Commercial Group
Phone: 360.946.4830
Website: https://capacitycommercial.com/
Through the “Capacity” sign’s website, you’re able to see a virtual tour of parts of
the building.
To reach it, enter the website (https://capacitycommercial.com/), select Properties,
search by “805 Broadway” and pick the first one.
Select the tab “Spaces” and “Take a Tour”. There’s also the Floor Plan for a handful
of areas.
Source: <https://capacitycommercial.com/properties/?propertyId=821339-lease>
You can then begin to notice a couple of items on the premises.
(The information below is speculative and might not cover the whole building/headquarters’ security.)
14
6 Technology and Security

6.1 Dome Security Camera on first floor:
The building could have a
CCTV subnet operating.
In this case, it’s good practice

to verify if the CCTV is on a
separate subnet, avoiding it
being hacked or deactivated
from outside.
Also, it’s recommended to

the IT team to periodically
check Shodan.io and Censys
for exposed CCTV on the
premises.
Source: https://my.matterport.com/
show/?m=wTwkmFYfpQr
6.2 Glass doors with simple keylocks:
At the entrance, there are two sets of glass double doors that
could literally be broken into with a heavy tool.
The simple locks indicate a vulnerability to lockpicking during
the closed hours (Monday through Friday 3AM - 8PM EST
(UTC-5:00)).
Also could be vulnerable to tailgating (following closely an
employee to infiltrate the building) during open hours.
Source: https://my.matterport.com/show/?m=wTwkmFYfpQr
15
6.3 Building Dumpster
A dumpster is seen on one side of the building.

If left untouched, it could be vulnerable to Dumpster Diving - the act of
gathering important data and confidential documents from the trash.
Better done during closed hours (after 8PM EST), since there is no gate
nor any barrier to protect the dumpster at night.
Source: https://www.google.com/maps/@45.6272191,-122.6698968,3a,75y,1.35h,77.82t/
data=!3m6!1e1!3m4!1sORJHZwmrhEgcPJOeAeEKMA!2e0!7i16384!8i8192
6.4 Parking Lots
There are parking lots on 3 sides of the building, all of them easily
accessible.
No security guards or obstacles that prevent a bad actor to park close
were seen, making the organization more prone to Wardriving - the act
of hacking a place by parking close to it and capturing wireless data.
It’s recommended to use air-gapped networks and VPN (Virtual Private

Networks) for the most sensitive data. Also, keeping a totally separate
WiFi for guests.
Source: https://www.google.com/maps/@45.6272191,-122.6698968,3a,75y,1.35h,77.82t/
data=!3m6!1e1!3m4!1sORJHZwmrhEgcPJOeAeEKMA!2e0!7i16384!8i8192
16
7 Zoom’s Leadership
7.1 Zoom’s Directors
Anthony Stark Chris Hays Cameron Hyzer Derek Smith Chetna Mahajan
General Counsel President & COO Chief Financial Officer Chief Strategy Officer Chief Information Officer
Henry Schuck
Found & CEO
Hila Nir Nir Keren Prasadh Cadambi Simon McDougall Tim Strickland
Chief Product Officer President Of Israel Chief Accounting Officer Chief Compliance Officer Chief Revenue Officer
Operations And Chief
Technology Officer
7.2 Zoom’s Board Members
Henry Schuck Todd Crockett Mitesh Dhruv Keith Enright

Founder & Chief Managing Director, Chief Financial Chief Privacy Officer,
Executive Officer TA Associates Officer of RingCentral Google
Ashley Evans Randall Winn Mark Mader

Managing Director, Managing Director, President and CEO
Carlyle Group 22C Capital of Smartsheet
17
7.3 l SChuCk, henry Date of Birth: Jul-1983

Critical Vulnerabilities
•Emails & Password breaches;

•Signature leaked;
•Daughter's full name and active internet presence;
•Recycling the same username for most accounts.
Recommendations
•Change all passwords to random 20+ characters each;

•Use a password manager software to generate and store the passwords;
•Migrate personal email to a new, more private provider such as Protonmail;
•Use different email aliases and usernames for each website account;
•Hide signature from open web to an investor login protected page;
•future
Reduce his daughter’s - Grace Michelle - appearance from his posts to avoid
attacks.
7.3.1 employment
Employer Source Notes
Founder & CEO https://www.zoominfo.com/about/leadership Also a Board Member
7.3.2 home
Home Adresses Timeframe Source
Outdated <https://dehashed.com/
La Crescenta, CA, 91214 search?query=schuckpolo&page=1>
Result #260529913
7.3.3 phoneS
Phone Numbers Source Notes
+1 360-326-4 https://411.info/business/Discover-Org-Vancouver-WA-23200520 Discover Org Number
+1 866-904-9 https://www.zoominfo.com/about/contact ZoomInfo Number
+1 844-992- https://www.zoominfo.com/about/contact ZoomInfo Number
+1 818-249-6 https://dehashed.com/search?query=schuckpolo&page=1 Outdated Number
Result #260529913
+1 360-783- https://www.datanyze.com/people/Henry-Schuck/1260398587 Direct
+1 818-679 https://www.datanyze.com/people/Henry-Schuck/1260398587 Mobili
+1 360-783 https://www.datanyze.com/people/Henry-Schuck/1260398587 HQ
18
7.3.4 SoCial meDia & aCCountS (google SearCheS anD SherloCk)

Website Source Link
Twitter Twitter Search: Henry Schuck https://mobile.twitter.com/henrylschuck
LinkedIn LinkedIn Search: Henry Schuck https://www.linkedin.com/in/hschuck/
Facebook Facebook Search: Henry Schuck https://www.instagram.com/schuckpolo
Instagram Instagram Search: Schuckpolo https://www.facebook.com/henry.chuck
Reddit Search: site:reddit.com“schuckpolo” https://www.reddit.com/user/schuckpolo
Vimeo https://vimeo.com/search/people? https://vimeo.com/user3491146
Pinterest Search: pinterest schuckpolo https://br.pinterest.com/schuckpolo
Capiche Search: Capiche “Henry Schuck” https://capiche.com/u/schuckpolo
DockerHub Sherlock Public Tool https://hub.docker.com/u/schuckpolo
YouTube youtube.com/user/(insert username) https://www.youtube.com/user/schuckpolo
Other Accounts using • Apple Discussions • GitHub • ThemeForest
tool Scherlock • Audiojungle • Houzz • Wikipedia
• Clubhouse • SlideShare
• DeviantART • Smule
7.3.5 family & frienDS

Person Name Source Picture/Icon
Spouse Jessica Schuck Instagram - @jessicaloveleigh
https://www.instagram.com/jessicaloveleigh/
Appears on @schuckpolo
https://www.instagram.com/schuckpolo/
Friend from Russell Van As seen in Henry’s post¹

School, Leuven https://www.instagram.com/p/r-x3k2yaoD/
now General https://www.linkedin.com/in/russellvanleuven/
Manager at https://twitter.com/r_vanleuven
ZoomInfo
7.3.6 DomainS
Domain Web Address Notes
ZoomInfo https://www.zoominfo.com Source: https://host.io/redirects/zoominfo.com
Redirect #1 - #10 •zoominfo-privacy.com

•zoominfo.co
•zoominfo.work
•zoominformationinc.com
•zzoominfo.com
•zoominfo.org
•zoominfo-notice.com
•zoominfogrow.com
•zoominfo.io
•zoominfo.engineering Redirects to https://www.zoominfo.com
19
7.3.7 main breCheS

Breaches Sources and Content Notes
Result #33506974 <https://dehashed.com/search?query=schuckpolo&page=1>
Name Henry L Schuck
Email schuckpolo@aol.com
Address 2850 Montrose Ave, Apt 2, La Crescenta, CA, 91214 Outdated Home Address
IP Address 210.31.210.4 Outdated IP Address
Phone 8182496976 Outdated Phone Number
Username jojoba13
Hashed Password b980882f9aa6f3914b38d585c9e8d1c9
Cracked Password Hashes.org Public Scrape
Email schuckpolo@mgmnightlife.com
Username tabulv
Hashed Password 0x98B1EE33A422B74DC0C84F24530513D77D787929
Email schuckpolo@mgmnightlife.com
Password
Password
7.3.8 leakS & other publiC Data

Item(s) Source Notes
Signature https://ir.zoominfo.com/static-files/
005fe8c2-6de2-4729-a3aa-3fed3505166c
Forbes 40 https://fortune.com/40-under-40/2020/ Bio and Age Estimate

under 40 henry-schuck/
20
7.4 nir, hila

• IP, email, username and password breaches found on

Dehashed;
• Photos of her children, public on Facebook.
Recommendations

•Use different email aliases and usernames for each website account;
•Set Facebook account photos to “only friends”;
•Ask husband to set photos to “only friends” aswell.
7.4.1 employment
Chief Product Office https://www.zoominfo.com/about/leadership Also a Board Member
7.4.2 home
46 Urbana, Outdated https://thatsthem.com/name/Hila-Nir
Atlanta, GA Outdated https://thatsthem.com/name/Hila-Nir
7.4.3 phoneS
+1 617-826 https://www.datanyze.com/people/Hila-Nir/1645938489 Direct Phone Number
+1 360-783 https://www.datanyze.com/people/Hila-Nir/1645938489 HQ Phone Number
+1 937-484 https://thatsthem.com/name/Hila-Nir Personal Number
7.4.4 emailS
Email Source Note
zoominfo.com https://www.datanyze.com/people/Hila-Nir/1645938489 Professional Address
@gmail.com https://www.datanyze.com/people/Hila-Nir/1645938489 Personal Email Address
21
Website Source Link
Twitter Google Search https://twitter.com/hilanir
LinkedIn LinkedIn Search https://www.linkedin.com/in/hila-nir-226851b/
Facebook Facebook Search https://www.facebook.com/hila.nir.50
Instagram Instagram Search https://www.instagram.com/hilanirg/
Vimeo https://www.social- https://vimeo.com/user142028350
searcher.com/search-
users/?q6=Hila+Nir

Husband Erez Nir https://www.facebook.com/erez.nir.9/about_overview
No name leaked https://www.facebook.com/hila.nir.50
Brother-in-law Nir Keren https://www.sec.gov/Archives/edgar/

data/1794515/000162828020002344/
zoominfos-1.htm
7.4.7 main breaCheS

Breaches Sources and Content
Result #68818196 https://dehashed.com/search?query=hilanirg%40gmail.com
Email hilanirg@gmail.com
Password
Email @gmail.com
Username hilanirg
I.P. Address 46.19.86.25 (Israel)
Email @gmail.com
Hashed Password hTtAqdpSu3u82csoVwU9bw==
22
7.5 JoSeph hayS, ChiStopher

• Home address leak

• Many accounts breached
• Personal email leaked.
Recommendations

•Search and remove home address from data brokers.
7.5.1 employment
President & COO https://www.zoominfo.com/about/leadership Leadership
7.5.2 phoneS
+1 360-783 https://www.datanyze.com/people/Chris-Hays/1502602806 Direct Phone Number
+1 360-783 https://www.datanyze.com/people/Hila-Nir/1645938489 HQ Phone Number
7.5.3 home
ir.Mechanicsburg, Current address https://thatsthem.com/email/chaze00@
gmail.com
23
7.5.4 emailS
Email Source Note
mail.com https://www.datanyze.com/people/Chris-Hays/1502602806 Personal Address
comcast.net https://thatsthem.com/address/ Personal Address
zoominfo.com https://www.datanyze.com/people/Chris-Hays/1502602806 Professional Address

Website Source Link
LinkedIn LinkedIn Search https://www.linkedin.com/in/chrishays1/
Facebook Spokeo https://www.facebook.com/chris.hays.50552/
Foursquare Spokeo https://foursquare.com/user/65138576
Pandora Spokeo http://www.pandora.com/people/chaze00
7.5.6 main breaCheS

Collection 1 Combo https://intelx.io/?did=b21523a2-80fa-462b-bf43-e7933382b573
Email @gmail.com
Password
Result #53291156 https://dehashed.com/search?query=chaze00%40gmail.com
Email chaze00@gmail.com
Password
Result #107379495 https://dehashed.com/search?query= gmail.com
Email @gmail.com
Password
Result #107792822 https://dehashed.com/search?query gmail.com
Email gmail.com
Username google-a8284752949356952155aabd56840e0b
Email gmail.com
Username Chaze00
IP Address 149.45
Name Chris H
Email gmail.com
Hashed Password temp
24
7.6 praSaDh, CaDambi Date of Birth: 01/06/1977

• Home address leak

• Multiple accounts breached
• Personal email leaked.
Recommendations

•Ask Google to censor his home from Google StreetView.
7.6.1 employment
Employer Source Note
Chief Accounting Officer https://www.zoominfo.com/about/leadership Leadership
7.6.2 phoneS
+1 650-793 https://www.datanyze.com/people/Prasadh-Cadambi/5404826293 Direct Phone Number
+1 516-410 https://www.datanyze.com/people/Prasadh-Cadambi/5404826293 Mobile Phone Number
+1 360-783 https://www.datanyze.com/people/Prasadh-Cadambi/5404826293 HQ Phone Number
7.6.3 home
4160 Lakeview Blvd. Lake Current address https://thatsthem.com/name/Sriprasadh-Cadambi
anta Rita Ave. Palo Previous address https://thatsthem.com/name/Sriprasadh-Cadambi
25
7.6.4 main breaCheS

Collection 1 Combo https://intelx.io/?did=f12a28d5-578f-4518-b544-018d850a7034
Email @yahoo.com
Password
Result #53291156 https://dehashed.com/search?query yahoo.com
Email @yahoo.com
Username 148688069
Password 0x06AF1B3B4BE8CDC758C6D9DA8F02BA233D89FC01
Result #172569211 https://dehashed.com/search?query yahoo.com
Email cadambi@yahoo.com
Password
Result #187176599 https://dehashed.com/search?query= ahoo.com
Email yahoo.com
Username cadambi
IP Address 67.161.25.55
26
7.7 maDer, mark

• Personal accounts breached multiple times,

• Personal email leaked,
• Compromising Tweets.
Recommendations
•Use a password manager software to manage accounts;

•Activate 2FA on all accounts possible, starting with the breached one;
•Delete older compromising tweets, manually or automated via a tool.
7.7.1 employment
Employer Source Note
Consel Member https://www.zoominfo.com/about/leadership Leadership
7.7.2 phoneS
+1 425-324- https://www.datanyze.com/people/Mark-Mader/47241677 Direct Phone Number
+1 765- 969 https://www.datanyze.com/people/Mark-Mader/47241677 Mobile Phone Number
+1 425)-324 https://www.datanyze.com/people/Mark-Mader/47241677 HQ Phone Number

Spouse hhttps://ischool.uw.edu/news/2021/08/
smartsheet-ceo-creates-informatics-
scholarships-spark-unlock-moments
Child #1 https://twitter.com/markmader No image leaked
Child #2 https://twitter.com/markmader No image leaked
27
7.7.4 emailS
Email Source Note
martsheet.com hhttps://www.datanyze.com/people/Mark-Mader/ Professional Address
gmail.com https://www.datanyze.com/people/Mark-Mader/ Personal Address
7.7.5 eDuCation
Level Grade Source
College B.A. in Geography from Dartmouth College https://www.linkedin.com/in/markmader/
School Lakeside School https://www.linkedin.com/in/markmader/

Website Source Link
Twitter Google Search https://twitter.com/markmader
Linkedln Linkedln Search https://www.linkedln.com/in/markmader/
7.7.7 Main Breaches

Target: mark.mader@gmail.com Date and compromised data
Data Enrichment Exposure October 2019
Compromised Data #1 Email addresses, Employers, Geographic locations, Job titles, Names, Phone
numbers, Social media profile
LinkedIn Scraped Data First half of 2021
Compromised Data #2 Education levels, Email addresses, Genders, Geographic locations, Job titles,
Names, Social media profiles
River City Media Spam List January 2017
Compromised Data #3 Email addresses, IP addresses, Names, Physical addresses
Verifications.io 2019
Compromised Data #4 Dates of birth, Email addresses, Employers, Genders, Geographic locations, IP
addresses, Job titles, Names, Phone numbers, Physical addresses
You’ve Been Scraped Feb. 2019
Compromised Data #5 Email addresses, Employers, Geographic locations, Job titles, Names, Social
media profile
28
8 inveStigator profile
Doctor - the responsible for your report -, is a Cybersecurity professional

and Open Source Investigation expert with high standards.
29
9 Apendix
a. Compromising ratings and comments from employees/ex-employees.
Source: https://www.indeed.com/cmp/Zoominfo
30
b. Building plants
Source: https://my.matterport.com/show/?m=wTwkmFYfpQr
31
c. Full Wappalyzer technology check
Source: Wappalyzer - Google Chrome Webstore
32
d. ZoomInfo Email Leaks
Source: Spiderfoot Tool
33
e. Prasadh Cadambi House’s StreetView
Source: 4160 Lakeview Blvd.Lake Oswego, OR 97035+5551 (StreetView)
f. Hila Nir’s Facebook Photos
Source: https://www.facebook.com/hila.nir.50
34
g. Henry Schuck with his family exposed on Instagram
Source: @schuckpolo on Instagram
h. Henry Schuck accounts and signature
Source: Zoominfo Investors Files
Source: Sherlock Tool
35
CONFIDENTIAL

Investigação ZoomInfo - Hacker Investigador

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Investigação ZoomInfo - Hacker Investigador

Uploaded by

Copyright:

Available Formats

CONFIDENTIAL MAY - 2022

Harrison Marques Freitas - hmarx6@gmail.com - CPF: 701.853.916-13

4 ZoomInfo Online Security........................................................................... 9

5 ZoomInfo Physical Security. ..................................................................... 13

6 Technology and Security.......................................................................... 15

7.4 Nir, Hila.................................................................................................... 21

The scope of the aforementioned OSINT (Open Source Intelligence)

Only verified data were presented. Doctor is available in the need of

Some of the compromised data are:

• Leaked Personal Emails;

The compromising data presented in this report can be thought of as a

The recommendations and Operational Security are:

• Enforce change of all passwords to random 20+ characters each;

4 Zoominfo online SeCurity

4.2 WebSite teChnologieS

4.3 WhoiS leakS Property Value

4.4 Domain aDminiStrator’S breaCheS

Target: kenney@zoominfo.com Date and compromised data

4.5 WebSiteS reDireCting to Zoominfo.Com

4.6 publiC CaSe fileS

Martinez v. ZoomInfo Technologies Inc

4.7 leakeD emailS

5 ZoomInfo Physical Security

5.1 Headquarters Address

Source: Schuckpolo at Instagram

5.2 Key Offices

For Lease Sign Date Source

6 Technology and Security

In this case, it’s good practice

Also, it’s recommended to

6.2 Glass doors with simple keylocks:

6.3 Building Dumpster

A dumpster is seen on one side of the building.

6.4 Parking Lots

It’s recommended to use air-gapped networks and VPN (Virtual Private

7.2 Zoom’s Board Members

Henry Schuck Todd Crockett Mitesh Dhruv Keith Enright

Ashley Evans Randall Winn Mark Mader

7.3 l SChuCk, henry Date of Birth: Jul-1983

•Emails & Password breaches;

•Change all passwords to random 20+ characters each;

7.3.4 SoCial meDia & aCCountS (google SearCheS anD SherloCk)

7.3.5 family & frienDS

Friend from Russell Van As seen in Henry’s post¹

Redirect #1 - #10 •zoominfo-privacy.com

7.3.7 main breCheS

7.3.8 leakS & other publiC Data

Forbes 40 https://fortune.com/40-under-40/2020/ Bio and Age Estimate

7.4 nir, hila

• IP, email, username and password breaches found on

• Photos of her children, public on Facebook.

•Change all passwords to random 20+ characters each;

Atlanta, GA Outdated https://thatsthem.com/name/Hila-Nir

7.4.6 family & frienDS

No name leaked https://www.facebook.com/hila.nir.50

No name leaked https://www.facebook.com/hila.nir.50

No name leaked https://www.facebook.com/hila.nir.50

Brother-in-law Nir Keren https://www.sec.gov/Archives/edgar/

7.4.7 main breaCheS

7.5 JoSeph hayS, ChiStopher

• Home address leak

•Change all passwords to random 20+ characters each;

7.5.5 SoCial meDia & aCCountS (google SearCheS anD SherloCk)

7.5.6 main breaCheS