In a post on a dark web forum, a threat actor claimed to have breached Relevvo, an AI-driven marketing firm based in Seattle, Washington. The post alleges that over 430 GB of sensitive company data, including customer information and proprietary datasets, has been stolen and is available for sale at a price of $6,000. The stolen files purportedly contain 8,561,723 individual files spread across 160,412 folders, all in CSV, JSON, and document formats.
The dataset allegedly contains a wide variety of critical company and client information. The breach includes databases from Relevvo’s internal systems and external web crawls, with file names suggesting that sensitive job data, earnings call transcripts, and company details have been compromised. Some of the alleged data entries include:
- Company queries and details from Crunchbase
- Job crawls from firms like Amperity and Hiya
- News crawls and earnings call transcripts
- Data from major clients such as iSpot.tv, FireMon, and Deep Instinct
- Relevvo’s Core Operations
The threat actor also included samples from the alleged leak.
