Overview
- Crunchbase said a threat actor exfiltrated certain documents from its corporate network, adding that the incident is contained and under review with law enforcement notified.
- SoundCloud acknowledged that data attributed to the service has been posted online and said its team with third‑party experts is reviewing the material after disclosing a December breach affecting about one‑fifth of users.
- Betterment earlier this month confirmed its email platform was abused to send cryptocurrency scams and that data was stolen, while the company is still reviewing the newly posted dump.
- ShinyHunters claims it used voice‑phishing against Okta SSO to access Crunchbase and Betterment, and lists alleged dumps totaling over 30 million SoundCloud records, more than 20 million for Betterment, and over 2 million for Crunchbase.
- Links to the Tor leak site are circulating on cybercrime forums, and a researcher reported the Crunchbase files contained PII and corporate documents as companies and investigators work to verify the scope.