U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ShinyHunters claims 2 Million Crunchbase records; company confirms breach

Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyHunters claimed to steal over 2 million personal records from its systems. The group leaked a 402 MB compressed archive on their website due to a failed extortion […]

Crunchbase

Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records.

Crunchbase confirmed a data breach after the cybercriminal group ShinyHunters claimed to steal over 2 million personal records from its systems.

The group leaked a 402 MB compressed archive on their website due to a failed extortion attempt.

The company states that operations weren’t affected and that the security breach is now contained. Crunchbase notified federal authorities and is investigating the incident with the help of external experts. The company is reviewing the exposed data to determine if any legal notifications are needed.

“Crunchbase detected a cybersecurity incident where a threat actor exfiltrated certain documents from our corporate network. No business operations have been disrupted by this incident. We have contained the incident and our systems are secure,” Crunchbase told SecurityWeek

“Upon detecting the incident we engaged cybersecurity experts to assist us and we contacted federal law enforcement. Crunchbase is aware that the threat actor posted certain information online. As part of our incident response procedures we are reviewing the impacted information to determine if any notifications are required consistent with applicable legal requirements,”.

The ShinyHunters group recently resumed its Tor data leak site listing breaches at SoundCloud, Betterment, and Crunchbase. Both companies had previously confirmed data breaches.

ShinyHunters is a financially motivated cybercrime group active since 2020. It steals large volumes of personal and corporate data from major companies, then sells or leaks it on underground forums if ransom demands aren’t met. The group uses compromised credentials, cloud services, and social engineering, claiming responsibility for breaches of millions of records from platforms like Tokopedia and other high-profile targets.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ShinyHunters)