ClickFunnels investigating alleged data breach by "Satanic" hacking group
Learn More
ClickFunnels, a US-based software platform used by marketers and entrepreneurs, is investigating claims of a data breach. The investigation began after a hacking group calling itself "Satanic" announced via Telegram that they had compromised ClickFunnels' systems, allegedly accessing sensitive business and customer data on April 29, 2025.
According to the hackers' claims, they gained access to ClickFunnels through an unspecified third party. The breach was first reported by security news outlet Hackread.com, which notified ClickFunnels of the claims.
A ClickFunnels spokesperson initially stated: "We have not observed any suspicious activity or evidence indicating a data breach involving ClickFunnels systems." The company requested that Hackread share the purportedly stolen data to allow for an internal review.
The data allegedly stolen in the breach appears to be comprehensive business information, including:
- 90,000 unique phone numbers (from Adyen-related data)
- 69,000 unique email addresses (from Adyen-related data)
- Company domains
- Estimated technology spending figures
- Sales revenue information
- Employee roles and organizational structures
- Multiple contact points for businesses
- Social media profiles
- Metadata including Tranco and Page Rank scores
- Timestamps such as "First Detected" and "Last Indexed"
Ayden is a Netherlands-based financial technology company that provides payment processing services. Hackers mentioned "Adyen" but there is no indication that Adyen itself was directly compromised. The reference likely pertains to data processed via ClickFunnels' integration with Adyen's payment services.
The hackers claim to have exfiltrated two large data tables from ClickFunnels, one containing approximately 514,000 entries and another with roughly 460,000 entries. Security analysts who have reviewed samples of the data note that it appears structured and highly detailed, suggesting it could potentially be legitimate business intelligence data rather than randomly scraped information.
The total number of affected businesses cannot be definitively determined from the available information, though the size of the alleged datasets suggests the potential impact could be substantial.
