Crunchbase Data Breach: ShinyHunters Exfiltrate 2 Million Records via Vishing
Learn More
Crunchbase confirmed a data breach in December 2025 after the ShinyHunters group claimed a breach into their corporate network. The attackers used voice phishing techniques to trick employees and bypass security controls by stealing Okta single-sign-on (SSO) codes to gain access.
The attackers claim to have stolen nearly 2 million files and records. When Crunchbase refused to pay a ransom, the group leaked a 402 MB archive on their Tor-based leak site as proof of the theft.
The exposed data includes:
- Employee records
- Financial details
- Personally Identifiable Information (PII)
- Signed contracts and corporate documents
The number of affected individuals is not disclosed. The company hired external experts and notified federal law enforcement.
Crunchbase claims that the breach is now contained and did not disrupt business operations.
