Hudson Rock - Wikiwand

Israeli cybersecurity company

Company typePrivate

Founded2020; 6 years ago (2020)

HeadquartersTel Aviv, Israel

Hudson Rock
Company type	Private
Industry	Cybersecurity
Founded	2020; 6 years ago (2020)
Headquarters	Tel Aviv, Israel
Key people	Alon Gal (CTO) Roi Carthy (CEO)
Products	Cavalier, Bayonet
Services	Cyber threat intelligence
Number of employees	2–10 (2025)
Website	hudsonrock.com

Hudson Rock Limited is an Israeli cybersecurity company headquartered in Tel Aviv specialized in infostealer malware.^[1]^[2]^[3]^[4] Hudson Rock was co-founded in 2020 by Alon Gal, who previously worked in Unit 8200 of the Israeli Defense Forces and Roi Carthy, a technology industry businessman.^[5] Hudson Rock has identified data breaches involving personal information from companies including Facebook,^[6] Twitter,^[7] Airbus,^[8] Telefónica,^[1]^[9] Samsung Electronics,^[10] Jaguar Land Rover and Telefónica.^[5]^[11]^[12] In 2024, Hudson removed a report about Snowflake after legal pressure.^[13]

Alon Gal (Hebrew: אלון גל; b. 1996) is an Israeli cybersecurity expert and entrepreneur. He is the co-founder and chief technology officer of Hudson Rock,^[14]

One of Gal's contributions to the industry was to uncover a massive data breach that affected over 533 million Facebook users.^[3] The breach included users' phone numbers, email addresses, birthdays, and other personal information. Gal was the first to report the breach, which ultimately led to a $276 million fine for Facebook from the Irish Data Protection Commissioner for violating General Data Protection Regulation laws.^[15]

In addition to the Facebook breach, Gal also played a role in uncovering a 2023 data breach that affected over 200 million Twitter users. The breach involved user information, including email addresses, usernames, and other personal information.^[2]

Gal's work has also led to the uncovering of other significant data breaches, including a T-Mobile breach that exposed the personal information of 40 million customers.^[16]

For a period of time between 2019 and 2021, Gal operated a pseudo-anonymous Twitter account and a Medium (website) blog called Under The Breach, the account gained popularity for the uncovering of several additional data breaches such as the 91 million Indonesian Tokopedia users data leak,^[17] the 337,000 Maltese voters database leak which resulted in a 65,000 euro fine,^[18] and the 20 million BigBasket users data leak.^[19]

References

1 2 "Infostealer Infections Lead to Telefonica Internal Ticketing System Breach". SecurityWeek. 2024-10-08. Retrieved 2025-04-27.
1 2 Menn, Joseph. "Hackers leak email addresses tied to 235 million Twitter accounts". The Washington Post. Retrieved 28 April 2023.
1 2 Holmes, Aaron. "533 million Facebook users' phone numbers and personal data have been leaked online". Business Insider. Retrieved 2023-04-28.
↑ "Twitter hacked, email addresses of over 200 million users exposed: Report". WION. Retrieved 2023-05-13.
1 2 Ilascu, Ionut (2025-04-05). "HellCat hackers go on a worldwide Jira hacking spree". BleepingComputer. Retrieved 2025-04-27.
↑ "Facebook data leak: Half a billion users' information posted on hacking website, cyber experts say". CNN Business. 2021-04-04. Retrieved 2025-04-27.
↑ "Twitter users' data hacked: Email address, phone numbers". The Guardian. 2023-01-05. Retrieved 2025-04-27.
↑ Krebs, Brian (2023-09-14). "FBI Hacker Dropped Stolen Airbus Data on 9/11". Krebs on Security. Retrieved 2025-04-27.
↑ "Telefonica Breach Exposes Jira Tickets, Customer Data". Dark Reading. 2024-10-08. Retrieved 2025-04-27.
↑ Knop, Dirk (2025-04-01). "Data leak: 270,000 Samsung customer tickets on the darknet". Heise.de. Retrieved 2025-12-04.
↑ "HellCat Ransomware Hits 4 Firms using Infostealer-Stolen Jira Credentials". Hackread. 2025-04-05. Retrieved 2025-04-27.
↑ Vijayan, Jaikumar (2023-10-13). "Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover". SecurityWeek. Retrieved 2025-04-27.
↑ "Hudson Rock yanks report into alleged Snowflake compromise". Archived from the original on 2025-04-20. Retrieved 2025-12-03.
↑ "Twitter in data-protection probe after '400 million' user details up for sale". BBC News. 2022-12-29. Retrieved 2023-05-19.
↑ Roth, Emma (2022-11-28). "Meta fined $276 million over Facebook data leak involving more than 533 million users". The Verge. Retrieved 2023-04-28.
↑ Lerman, Rachel (19 August 2021). "T-Mobile hack is a return to the roots of cybercrime". The Washington Post. Archived from the original on 23 October 2022. Retrieved 28 April 2023.
↑ "Indonesia's Tokopedia probes alleged data leak of 91 million users". Reuters. 2020-05-02. Retrieved 2023-04-28.
↑ "IT firm C-Planet fined €65,000 over massive voter data breach". Times of Malta. Retrieved 2023-04-28.
↑ "Big Basket data breach: email IDs, phone numbers, home addresses of two crore Indians allegedly leaked on the web". Business Insider. Retrieved 2023-04-28.

External links

Official website
Under The Breach
Hudson Rock on LinkedIn
Alon Gal's interview at PureVPN.

Related Articles