What Happened
In January 2026, Apollo.io, a cloud-based sales intelligence and engagement platform, suffered a data breach where hackers accessed and leaked approximately 480,335 records from its database, including fields such as names (e.g., first and last), emails, job titles (e.g., CTO, IT Director), companies, locations, websites, and other professional contact details, as evidenced by samples shared on hacking forums like CrackingX. The breach involved compressed data files totaling around 99 million records in one reported instance, with additional leaks including 11 million French user records (names, phones, emails, LinkedIn profiles, employer info) sold on underground markets. No confirmed root cause like a specific exploit (e.g., CVE-2026-23897 in Apollo Server) was detailed, but it follows prior incidents like the 2018 hack of 200M contacts and exposed lead-gen datasets potentially linked to Apollo. The exposure heightens risks of phishing, social engineering, and credential stuffing for affected B2B professionals.
