PureIncubation.com

In early 2024, a massive data breach linked to DemandScience, a company owned by Pure Incubation, was disclosed after a threat actor listed the stolen data for sale on a prominent hacker forum. The breach was later attributed to a decommissioned legacy system that had not been properly secured or retired. The exposed dataset contained approximately 122 million unique corporate email addresses along with a wide range of professional contact information aggregated from publicly available sources. The leaked records included full names, corporate email addresses, physical business addresses, phone numbers, employer names, job titles, and links to LinkedIn profiles for many individuals. Because the data was sourced from public business directories and professional networks, it is considered aggregated rather than obtained through a direct intrusion into a live production system. Despite this, the scale of the exposure poses significant risks including targeted phishing campaigns, business email compromise attacks, and social engineering schemes. DemandScience is a B2B data and demand generation platform, making the breach particularly impactful for professionals across numerous industries worldwide. The incident highlights the ongoing risks associated with improperly decommissioned infrastructure and the dangers of large-scale aggregation of professional contact data.