Crunchbase hacked and data breach confirmed by ShinyHunters - Cybersecurity Insiders

CYBER THREATS & ATTACKSData Breach Crunchbase, a well-known business intelligence platform that tracks the growth of private startups, has recently made headlines after falling victim to a cyberattack that resulted in a significant data breach. The ShinyHunters hacking group has claimed responsibility for the incident, stating that it exfiltrated nearly 2 million files from Crunchbase’s systems. According to the group, a portion of the stolen data has already been made available online as proof of authenticity. Reports indicate that the attackers demanded a ransom from Crunchbase, which the company allegedly refused to pay. As a result, ShinyHunters released approximately 400MB of the stolen data and has threatened to publish additional files in the coming days. In response, Crunchbase issued a public statement acknowledging the cybersecurity incident. The company confirmed that its incident response and security teams are actively investigating the breach to determine its scope and impact. Further analysis of the leaked data was conducted by Alon Gal, Chief Technology Officer at Hudson Rock. Gal confirmed that the exposed information includes sensitive Personal Identifiable Information (PII), such as employee records and financial details, raising serious concerns about privacy and potential misuse. Cybersecurity experts have also pointed out that ShinyHunters is not a new threat actor. The same group has previously been linked to a massive data breach involving more than 2.5 billion Gmail users, where credentials were reportedly obtained through vulnerabilities associated with Salesforce, a popular customer relationship management platform. According to available information, the Crunchbase attack occurred in December 2025 and is believed to have been carried out using vishing techniques, a form of social engineering that relies on voice-based deception. This has led to speculation that similar tactics were used to gain unauthorized access to Crunchbase’s servers. Additionally, industry insiders suggest that ShinyHunters may have collaborated with other notorious cybercriminal groups, including Scattered Spider and Lapsus$, starting in August 2025. Together, these groups are believed to have compromised several major organizations, such as Allianz Life, Qantas, Pandora, Adidas, and Cisco. The group has also been linked to the high-profile AT&T breach in 2021, which occurred before these alleged alliances were formed. Join our LinkedIn group Information Security Community!