Speedio Data Breach
Speedio Corporate Intelligence Database Breach: 27M Business Contact Records Exposed
Risk Interpretation
High risk of spearphishing, executive targeting, and business relationship mapping. The data is especially dangerous because it is already normalized for outreach and enrichment.
Impact & Downstream Threats
In December 2024 a dataset alleged to have been taken from Speedio via an unsecured Elasticsearch instance was posted for sale on a hacking forum. The exposed corpus contained over 62 million records of largely public business information including company names, phone numbers, and physical addresses, with approximately 27.5 million unique email addresses confirmed in the dataset. Because Speedio aggregates commercial data rather than consumer personal information, the individuals and businesses
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
- Employment-based social engineering using job and employer data
Threat Vectors
Breach Intelligence
Executive Summary
Speedio, a Brazilian B2B lead generation platform, suffered a data exposure in December 2024 when a dataset allegedly taken from an unsecured Elasticsearch instance was posted for sale on a hacking forum. The exposed corpus contained over 62 million records, including approximately 27.5 million unique email addresses. The attacker and precise method of access have not been confirmed. Speedio did not respond to disclosure attempts, and the origin of the data could not be independently verified. The exposed data includes company names, email addresses, phone numbers, and physical addresses. Because Speedio aggregates business contact information rather than serving consumers directly, the individuals and companies represented in the dataset were not Speedio customers. They were third parties whose details had been collected and indexed without their direct involvement. This distinction matters: affected people may have no awareness that their business contact information was held by Speedio at all. No formal regulatory action or breach notification has been documented. The practical risk to affected individuals is elevated. The dataset was already structured and normalized for sales outreach, making it immediately useful for spearphishing campaigns, targeted scams, and business impersonation. People whose email addresses or phone numbers appear in the data should be alert to unsolicited contact that references their employer, role, or business relationships.
About Speedio
Speedio is a Brazilian B2B lead generation platform that aggregates business data — company names, contact information, industry classifications, and decision-maker details — to help sales and marketing teams identify prospective clients. The platform sources its data from public business registries, websites, and commercial databases and markets access to its indexed corpus on a subscription basis. It is not a consumer-facing service.
Why They Hold Your Data
Business-intelligence and contact-data platforms aggregate company records, executive identities, emails, phone numbers, and firmographic data for sales and research workflows.
Recent Developments
Speedio continues to operate as a Brazilian B2B sales intelligence platform. No major organizational changes have been publicly reported.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, employer:company_name, phone_number, physical_address
Dark Web Verification
- Dataset containing ~27.5M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: Speedio Data Breach
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Speedio
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam