DemandScience by Pure Incubation
  • Total Records132,728,324
  • Unique Emails120,183,472
  • Unique Email Providers3,505,629
  • Unique Usernames6,853,797
  • Unique First Names48,680,227
  • Unique Addresses11,610,642

DemandScience by Pure Incubation Data Breach Exposes 132 Million Records in February 2024

In late February 2024, DemandScience by Pure Incubation, a leading US-based provider of technology-enabled marketing services, suffered a major data breach that exposed the personal and business contact information of over 132 million users and organizations worldwide. DemandScience specializes in delivering data-driven marketing solutions, which means it holds large amounts of professional contact data. On February 28, 2024, its database was compromised, leaking a vast collection of information—ranging from names and job titles to email addresses, company affiliations, phone numbers, and even bcrypt-hashed passwords. The breach first emerged when this trove of details was offered for sale on illicit forums, and soon after, the entire dataset began circulating publicly, amplifying the potential impact for individuals and companies alike.

What Data Was Exposed in the DemandScience Breach?

The compromised database included a broad range of information. For affected contacts, exposed fields were full names, email addresses, phone numbers and extensions, street addresses and cities, state, ZIP code, and country. In addition to these, job titles, company names, associated URLs, and IP addresses were also leaked. The dataset included bcrypt-hashed passwords, a common protection for login credentials, as well as some fields labeled as "social," which suggest potential social media or networking identifiers.

How Many People and Companies Were Impacted?

More than 132 million unique user and company records were affected in this breach. Because DemandScience by Pure Incubation supplies business intelligence and marketing data services to a global clientele, the exposure spans both individual professionals and organizations, with records that likely overlap several sectors and regions.

Timeline of the DemandScience Breach

The breach at DemandScience was discovered and reported in February 2024. The exact timeline appears to center around February 28, when the compromised data was first listed for sale. Shortly thereafter, the database began circulating more widely on public forums, making the leaked information much more accessible to anyone interested.

How Did the Data Leak?

The breach originated from unauthorized access to DemandScience’s systems, leading to an exfiltration of its marketing and business intelligence databases. While initial actors attempted to sell the records, the leak quickly became widespread when shared openly, raising the risk that the data could be used for unsolicited contact, targeted phishing campaigns, or other forms of misuse.

FAQ

What happened in the DemandScience by Pure Incubation data breach?

On February 28, 2024, DemandScience by Pure Incubation experienced a data breach that exposed personal and professional contact details of over 132 million users and companies. The data was first sold and then widely circulated on public forums.

How many users were affected in the DemandScience data breach?

The breach impacted 132,728,326 unique records, affecting a massive number of professionals and organizations worldwide who had their contact and business data stored with DemandScience by Pure Incubation.

What data was leaked in the 2024 DemandScience breach?

Data fields in this breach included first and last names, full addresses, email addresses, phone numbers and extensions, company names, URLs, job titles, bcrypt-hashed passwords, IP addresses, and certain social identifier fields.

When did the DemandScience breach occur?

The breach was detected and became public knowledge around February 28, 2024, which is when the dataset was first offered for sale and subsequently made available on public forums.

Who was responsible for the DemandScience data breach?

The specific attackers behind the breach have not been publicly identified, but the incident involved unauthorized access to DemandScience by Pure Incubation’s data, leading to widespread exposure.

How can I check if I'm in the DemandScience by Pure Incubation breach?

You can check if your information was part of the DemandScience by Pure Incubation breach by utilizing the DeHashed search engine.