[BreachExchange] Apollo Data Breach Leads To More Than 200 Million Contact Records Stolen

Destry Winant destry at riskbasedsecurity.com
Tue Oct 2 19:38:29 EDT 2018


Data breaches, hacking attempts, data stealing, all these terms have
now become something of a routine for the corporate sector. Once
again, a massive hack allowed the attackers to pilfer over 200 million
records. This time, the victim is a sales engagement company Apollo.
The reports about the Apollo data breach surfaced online after the
firm began notifying the customers.

Apollo Data Breach Exposed 200 Million Contact Database To Hackers

As disclosed by TechCrunch, the startup sales revenue and engagement
service Apollo suffered a massive hack stealing millions of data
records. Precisely, the company lost around 200 million records from
its contact database in the Apollo data breach.

Reportedly, Bjoern Zinssmeister of Templarbit found an email generated
by Apollo to its customers informing them of a breach. Zinssmeister
shared the email with TechCrunch who then shared the contents of the
email with the public.

According to the email, Apollo noticed the breach “weeks after system
upgrades in July”. Explaining the details of the hacked data, the
email read,

“We have confirmed that the majority of exposed information came from
our publicly gathered prospect database, which could include name,
email address, company names, and other business contact information.
Some client-imported data was also accessed without authorization.”

While the hackers have stolen contact information from Apollo’s
database, the firm confirmed that financial details, Social Security
numbers or other sensitive data remained unaffected as the firm does
not store these details.

Investigations Underway

Right after noticing the breach, Apollo began investigating the
matter. While the investigations are still in progress, Tim Zheng, CEO
Apollo, said in his email that the firm informed the customers
regarding the incident to comply with their transparency values.
However he refused to give more details, as stated in his email,

“The investigation is still ongoing. Only statement that we’re making
to press at this time is the customer communication.”

Although the Apollo data breach merely exposed the “publicly gathered”
information to the hackers, and so, some people may think of it as
potentially less harmful. However, it certainly succeeds in getting
listed among the top hacking attempts and data breaches happened this
year such as the Chegg data breach, and the breach at the fashion
retailer SheIn that affected millions of customers.

Let us know your thoughts in the comments section.

More information about the BreachExchange mailing list