An unidentified threat actor claims to have breached Stepping Stone AG, a Swiss IT services provider specializing in data center and cloud infrastructure contracts. The actor is offering the company’s complete database for sale on a cybercrime forum.
The provided proof, which includes screenshots from a command-line interface and a database browser, indicates unauthorized access to the company’s SugarCRM instance and other internal systems.
The allegedly compromised data includes a significant amount of sensitive information from both the company and its business partners. According to the actor and the screenshots, the leak contains:
- Employee and user databases, including full names, email addresses, phone numbers, and physical addresses.
- Hashed user passwords from the
userstable. - Internal CRM data, including customer lists, project details, and “business exchanges” with thousands of other Swiss companies.
- Internal company financial and accounting data.
- System credentials, including the configuration file for the SugarCRM database.
- Data related to company “migrations.”












