What Happened
The Crunchbase data breach occurred in January 2026 (not 2024). The cybercriminal group ShinyHunters breached Crunchbase’s corporate network using voice phishing (vishing) to steal employee Okta single sign-on credentials, then exfiltrated over 2 million records containing personally identifiable information (PII), signed contracts, and internal corporate documents in approximately 400MB of compressed files. After Crunchbase refused to pay an extortion demand, ShinyHunters published the stolen data on their Tor-based leak site around January 23-26, 2026. Crunchbase confirmed the breach on January 26, 2026, stating that business operations were not disrupted and that the incident had been contained, while the company engaged external cybersecurity experts and contacted federal law enforcement to investigate. The breach exposed risks of targeted phishing, identity theft, and business email compromise attacks against Crunchbase users and corporate partners whose information was included in the leaked files.
