ShinyHunters, a well-known cybercrime and extortion group, says it has stolen more than 2 million records from Crunchbase. According to the group, the data was pulled directly from Crunchbase’s systems and later published online as a 402 MB compressed archive after the company allegedly refused to pay a ransom. As with many extortion-driven attacks, the public release was intended to prove access and apply pressure.
Crunchbase Confirms the Breach
Crunchbase has acknowledged that a cybersecurity incident did take place. The company confirmed that an unauthorized actor accessed part of its environment, exfiltrated certain internal documents, and then posted those files online. While Crunchbase has not verified the hackers’ claim about the total number of records affected, it has not denied that internal data was removed and leaked.
Company Response
Crunchbase says the incident did not disrupt business operations and that the breach has been contained. The company also stated that it has brought in external cybersecurity experts to assist with the investigation and has notified federal law enforcement.
At the same time, Crunchbase is continuing to analyze the leaked material to understand exactly what information was exposed. Based on those findings, the company will determine whether it is required to issue legal notifications to users, partners, or regulators under applicable data protection laws.
What Was Exposed (Early Reports)
Initial reports suggest the leaked archive is roughly 400 MB in size. The data may include a mix of personal and corporate information, such as employee-related records, contracts, and internal business documents. However, the full contents have not yet been independently verified, and investigators are still working to determine the scope and sensitivity of the exposed material.
Broader Context
Security researchers believe this incident is part of a larger ShinyHunters campaign that has targeted multiple organizations using voice-phishing techniques and compromised single-sign-on (SSO) credentials. Other companies reportedly affected by similar tactics include SoundCloud and Betterment.
In those related cases, some organizations confirmed that email addresses and publicly available profile data were accessed, while emphasizing that passwords and financial information were not necessarily compromised. Investigators say this pattern highlights how attackers increasingly rely on social engineering rather than purely technical exploits.
Who Is ShinyHunters?
ShinyHunters has been active since around 2020 and is widely known for high-profile data breaches and extortion attempts. The group typically steals large datasets, demands payment, and then publishes or sells the data if negotiations fail. Over the years, ShinyHunters has become one of the more recognizable names in the cybercrime ecosystem, frequently reappearing in incidents involving major companies and online platforms.
