Apollo Data Breach
Apollo.io Sales Intelligence Platform Breach: 92M Professional Profiles Exposed
Sales intelligence and engagement platform.
Risk Interpretation
High risk because the data is already structured for targeting. Exposure enables spearphishing, executive targeting, business impersonation, and BEC-style attacks at scale.
Impact & Downstream Threats
The 2018 Apollo breach exposed the concentrated risk of B2B sales-intelligence platforms by leaving a vast broker-style contact corpus publicly accessible without a password. HIBP says the exposed dataset contained 125.9 million unique email addresses and included names, employers, geographic locations, job titles, phone numbers, salutations, and social media profiles, making it highly useful for phishing, business email compromise pretexting, executive targeting, enrichment, and large-scale cor
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
- Employment-based social engineering using job and employer data
- Social media account targeting and impersonation
Threat Vectors
Breach Intelligence
Executive Summary
Apollo.io, a sales intelligence and engagement platform, left a database containing billions of data points publicly exposed without a password in July 2018. Security researcher Vinny Troia discovered the unsecured database and sent a subset of the data, containing nearly 126 million unique email addresses, to the breach notification service Have I Been Pwned. The exposure affected 92.4 million records in total and stemmed from a misconfiguration rather than an external attack. The exposed data included names, email addresses, phone numbers, employers, job titles, geographic locations, salutations, and social media profiles. Apollo confirmed that passwords, Social Security numbers, and financial data were not included. Even so, the exposed dataset is highly structured and detailed, making it well-suited for spearphishing, business email impersonation, and executive targeting. Many affected individuals never directly interacted with Apollo; their information was held as part of the platform's broader B2B contact database. No major regulatory action or litigation was publicly reported in connection with this breach. Apollo notified affected parties and maintained that the exposure was limited to non-sensitive professional data. For affected individuals, the practical risk remains: their professional profiles, contact details, and organizational affiliations are now part of a known, circulated dataset that can be used to craft highly convincing fraudulent communications.
About Apollo
Apollo.io is a sales-intelligence and engagement platform that combines business contact data, company records, prospecting tools, sequencing, and workflow automation for go-to-market teams. Its public positioning centers on giving sales and marketing users access to a very large B2B contact graph and the tooling to search, enrich, engage, and convert against it.
Why They Hold Your Data
Sales-intelligence platforms aggregate business contact records, company profiles, job titles, emails, phone numbers, and employer-linked identifiers across lead-generation and outbound-sales workflows.
Recent Developments
Apollo remains an active and growing GTM software company with a clear AI-first expansion strategy. Its 2025 product updates emphasized AI-generated summaries, mobile workflows, and expanded calling and extension features, and in March 2026 the company announced its acquisition of Pocus as part of a broader push to build an AI-native operating system for revenue teams.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, employer, full_name, geographic_locations, job_information:job_title, phone_number, salutation, social_media_profile
Dark Web Verification
- Dataset containing ~92.4M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: apollo.io-2018;Apollo Data Breach
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Apollo
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam