Data Aggregator Breach Exposes Data of 122 Million Users

 

Pure Incubation, currently known as DemandScience, allegedly experienced a data breach earlier this year, resulting in the theft of critical data, including contact information. 

The impacted entity is a B2B demand-generation and data aggregator that collects, collates, and organises data from public sources to create a comprehensive dataset that digital marketers and advertisers can use to create rich "profiles" for lead generation or marketing material. 

Furthermore, this organisation gathered data from public and third-party sources, including full names, physical addresses, email addresses, phone numbers, employment titles and positions, and social media links. 

The alleged cause of the data breach is an unsecured system at Pure Incubation, which allowed a threat actor known as 'KryptonZambie' to sell around 132.8 million documents on BreachForums starting last February.

For its part, the data aggregator maintained, in response to one enquiry, that there was no evidence of a hack. However, a follow-up email asking if the leaked data samples belonged to them went unanswered.

Furthermore, the senior director of corporate communications stated that a post on a criminal black-hat hacking website prompted the company to activate its security and incident response systems. The company also stated that its systems are fully operational and that its initial investigation did not find any sign of a hack or data breach. Still, it assured every concerned party that it was constantly monitoring the issue.

On August 15, 2024, KryptonZambie made the dataset available for eight credits, which is equivalent to a few dollars. This disclosure forced the company to verify the data's legitimacy. However, the confirmation stated that anyone exposed in the DemandScience leak was exposed through a system that had been discontinued two years ago.

The 122 million unique email addresses from the stolen dataset have been added to Have I Been Pwned, and impacted subscribers will be notified of the incident. Therefore, individuals who may have been affected by the data leak should be wary of any unsolicited contact, since threat actors can already carry out targeted phishing operations.