The FulcrumSec extortion group claims to have breached Blavity Inc., a media technology and entrepreneurship holding company that operates multiple brands targeting Black professionals, including AfroTech, Shadow and Act, and Travel Noire.
The group alleges it first compromised Blavity’s marketing infrastructure in August 2025, exfiltrating a complete user database of nearly 1.2 million individuals. According to the actor, after notifying the company, they discovered a second exposed Iterable API key on November 4, 2025, which they used to send further breach notification emails to over 200,000 users.
The actors are demanding a $120,000 ransom by November 14 to prevent the full-scale release of the stolen data.
According to the actor, the compromised data from the 1.2 million user profiles includes highly sensitive personal and demographic information:
- Email addresses
- Phone numbers
- Physical addresses
- IP addresses
- User agents
- Detailed personal and financial information, including:
- Race
- Salary information
- Disposable income
- Marital status
- Personal interests
- Exercise and vacation frequency












