A threat actor claims to have breached Avalara, Inc., a US-based company specializing in tax compliance automation software. The actor is now selling a partial database allegedly stolen from the company in September 2025. The breach is said to impact both Avalara and its customers, which include prominent companies such as Amazon, Microsoft, and Morgan Stanley.
According to the actor, the compromised database contains 8,155,700 rows. The allegedly compromised data includes:
- API Tokens
- API Endpoints
- First Names
- Last Names
- Phone Numbers
- Email Addresses
- Order Metadata
- Shipping Information
- Tracking Information
- IP Addresses
- Internal API Structures
