Schubert Jonckheer & Kolbe LLP is investigating a data breach that led to unauthorized access to the sensitive information of individuals affiliated with Crunchbase, Inc., a California-based market intelligence firm.

In December 2025, a social engineering campaign using custom phishing kits targeted Google, Microsoft and Okta environments using voice phishing techniques. Crunchbase was one of the affected companies. On or around January 23, 2026, the cybercriminal group ShinyHunters leaked 400 megabytes of compressed files after Crunchbase did not pay the requested ransom. Crunchbase confirmed that files were exfiltrated from its corporate network on January 26, 2026. According to Alon Gal, Chief Technology Officer of the threat intelligence company Hudson Rock, personally identifiable information (PII), contracts, and other corporate data was found in the leaked files.

If your personal information was impacted by this incident, you may be at risk of identity theft and other serious violations of your privacy. As a result, you may be entitled to money damages and an injunction requiring changes to Crunchbase’s cybersecurity practices.

If you received notification of this data breach or are affiliated with Crunchbase and wish to obtain additional information about your legal rights, please fill out the form below.