Crunchbase, a US-based business intelligence platform that tracks information on private and public companies, has confirmed it experienced a data breach following claims by the cybercrime group ShinyHunters that it stole more than 2 million records from the company’s systems. The confirmation came in late January 2026 after the actor posted a compressed archive of purportedly stolen data on its dark-web leak site.
ShinyHunters is a financially motivated cybercrime group known for exfiltrating large volumes of personal and corporate data and publicly listing alleged victims on underground platforms if ransom demands are not met. The group first gained notoriety in 2020 and has been linked to a series of high-profile data theft incidents affecting major organisations.
According to security reporting, the group published a 402 MB compressed archive of files it says were taken from Crunchbase after the company refused to pay extortion demands. The posted archive represents only a fraction of the total data the hackers claim to have accessed. Crunchbase acknowledged the incident, saying it detected a cybersecurity breach involving unauthorised exfiltration of documents from its corporate network. The company said its core business operations were not disrupted by the breach and that its systems are now secure.
In a statement to independent reporting, Crunchbase said it took immediate steps to contain the incident and engaged external cybersecurity experts to assist with the investigation and response. The company also notified federal law enforcement authorities as part of its incident response procedures. Crunchbase said it is reviewing the exposed files to determine what data was affected and whether notifications to regulators or affected parties are required under applicable legal requirements.
Initial analysis of the publicly available sample suggests the leaked material includes personal data such as names, contact details, and business information. The full scope of the breach and the categories of compromised data remain under review. There is no indication so far that passwords or other sensitive authentication credentials were included in the posted archive, but investigations are ongoing.
The ShinyHunters group has also claimed responsibility for similar breaches at other companies, including audio streaming platform SoundCloud and financial services firm Betterment, as part of its revived leak operations. Both of these companies have previously confirmed cybersecurity incidents, and each is reviewing its own exposure and response.
Crunchbase’s confirmation marks one of the few times the company has publicly acknowledged a breach following claims by a cybercrime group. The incident highlights continuing challenges for organisations in protecting corporate networks and sensitive business data against sophisticated data theft and extortion campaigns. Investigation and remediation efforts are ongoing.