BrandWikiReturn

Hudson Rock

Hudson Rock Limited is an Israeli cybersecurity company headquartered in Tel Aviv specialized in infostealer malware.[1][2] Hudson Rock was co-founded in 2020 by Alon Gal, who previously worked in Unit 8200 of the Israeli Defense Forces and Roi Carthy, a technology industry businessman.[3] Hudson Rock has identified data breaches involving personal information from companies including Facebook,[4] Twitter,[5] Airbus,[6] Telefónica,[1][7] Samsung Electronics,[8] Jaguar Land Rover and Telefónica.[3][9][10] In 2024, Hudson removed a report about Snowflake after legal pressure.[11]

Alon Gal

Alon Gal (b. 1996) is an Israeli cybersecurity expert and entrepreneur. He is the co-founder and chief technology officer of Hudson Rock,[12]

One of Gal's contributions to the industry was to uncover a massive data breach that affected over 533 million Facebook users.[13] The breach included users' phone numbers, email addresses, birthdays, and other personal information. Gal was the first to report the breach, which ultimately led to a $276 million fine for Facebook from the Irish Data Protection Commissioner for violating General Data Protection Regulation laws.[14]

In addition to the Facebook breach, Gal also played a role in uncovering a 2023 data breach that affected over 200 million Twitter users. The breach involved user information, including email addresses, usernames, and other personal information.[15]

Gal's work has also led to the uncovering of other significant data breaches, including a T-Mobile breach that exposed the personal information of 40 million customers.[16]

For a period of time between 2019 and 2021, Gal operated a pseudo-anonymous Twitter account and a Medium (website) blog called Under The Breach, the account gained popularity for the uncovering of several additional data breaches such as the 91 million Indonesian Tokopedia users data leak,[17] the 337,000 Maltese voters database leak which resulted in a 65,000 euro fine,[18] and the 20 million BigBasket users data leak.[19]

External links

References

  1. Infostealer Infections Lead to Telefonica Internal Ticketing System Breach SecurityWeek, 2024-10-08, retrieved 2025-04-27^
  2. Twitter hacked, email addresses of over 200 million users exposed: Report WION, retrieved 2023-05-13^
  3. Ionut Ilascu. HellCat hackers go on a worldwide Jira hacking spree BleepingComputer, 2025-04-05, retrieved 2025-04-27^
  4. Facebook data leak: Half a billion users' information posted on hacking website, cyber experts say CNN Business, 2021-04-04, retrieved 2025-04-27^
  5. Twitter users' data hacked: Email address, phone numbers The Guardian, 2023-01-05, retrieved 2025-04-27^
  6. Brian Krebs. FBI Hacker Dropped Stolen Airbus Data on 9/11 Krebs on Security, 2023-09-14, retrieved 2025-04-27^
  7. Telefonica Breach Exposes Jira Tickets, Customer Data Dark Reading, 2024-10-08, retrieved 2025-04-27^
  8. Dirk Knop. Data leak: 270,000 Samsung customer tickets on the darknet Heise.de, 2025-04-01, retrieved 2025-12-04^
  9. HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials Hackread, 2025-04-05, retrieved 2025-04-27^
  10. Jaikumar Vijayan. Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover SecurityWeek, 2023-10-13, retrieved 2025-04-27^
  11. Hudson Rock yanks report into alleged Snowflake compromise retrieved 2025-12-03^
  12. Twitter in data-protection probe after '400 million' user details up for sale BBC News, 2022-12-29, retrieved 2023-05-19^
  13. Aaron Holmes. 533 million Facebook users' phone numbers and personal data have been leaked online Business Insider, retrieved 2023-04-28^
  14. Emma Roth. Meta fined $276 million over Facebook data leak involving more than 533 million users The Verge, 2022-11-28, retrieved 2023-04-28^
  15. Joseph Menn. Hackers leak email addresses tied to 235 million Twitter accounts The Washington Post, retrieved 28 April 2023^
  16. Rachel Lerman. T-Mobile hack is a return to the roots of cybercrime The Washington Post, 19 August 2021, retrieved 28 April 2023^
  17. Indonesia's Tokopedia probes alleged data leak of 91 million users Reuters, 2020-05-02, retrieved 2023-04-28^
  18. IT firm C-Planet fined €65,000 over massive voter data breach Times of Malta, retrieved 2023-04-28^
  19. Big Basket data breach: email IDs, phone numbers, home addresses of two crore Indians allegedly leaked on the web Business Insider, retrieved 2023-04-28^