DemandScience Data Breach
DemandScience B2B Lead Intelligence Breach (2024): 132M Professional Contact Records Exposed
B2B lead intelligence and marketing data provider (formerly Pure Incubation)
Risk Interpretation
High risk because the data is already normalized for targeting. Exposure enables spearphishing, executive targeting, business impersonation, and BEC-style attacks.
Impact & Downstream Threats
The 2024 breach highlighted the scale and downstream risk of brokered B2B contact intelligence. HIBP says the exposed corpus was later attributed to a leak from a decommissioned legacy system and consisted largely of business contact data aggregated from public sources, including about 122 million unique corporate email addresses along with names, phone numbers, physical addresses, employers, and job titles. Even though much of the data was framed as public-source business information, packaging
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
- Employment-based social engineering using job and employer data
- Social media account targeting and impersonation
Threat Vectors
Breach Intelligence
Executive Summary
DemandScience, a B2B data and revenue marketing company, suffered a breach affecting 132.7 million records when a large corpus of its data appeared for sale on a hacking forum. The breach was later attributed to a leak from a decommissioned legacy system. DemandScience aggregates business contact information to help enterprise sales and marketing teams identify and reach buyers, which is why consumer data ended up in its systems without any direct relationship between the company and the individuals affected. The exposed data included roughly 122 million unique corporate email addresses, along with names, phone numbers, physical addresses, employer details, job titles, and LinkedIn profile links. Although much of this information was drawn from public sources, the breach packaged it into a clean, normalized dataset that is far more useful to attackers than scattered public records. That combination makes it well-suited for spearphishing, business email compromise, and executive impersonation campaigns targeting both individuals and the organizations they work for. No regulatory actions or notifications have been publicly reported in connection with this breach. Because affected individuals likely had no prior awareness that DemandScience held their data, many will not know to take precautions. People whose information was exposed should be alert to unsolicited contact that references their employer, job title, or workplace details, as attackers can use this data to craft convincing, targeted messages.
About DemandScience
DemandScience is a B2B revenue marketing and data company that sells buyer intelligence, contact data, intent signals, campaign execution, and related go-to-market services to enterprise sales and marketing teams. Its business is built around helping customers identify, score, and reach business buyers through a mix of data assets, software, and managed services.
Why They Hold Your Data
B2B lead-intelligence providers aggregate business contact records, company profiles, job titles, emails, phone numbers, and intent-linked marketing data across sales and outreach workflows.
Recent Developments
DemandScience remains an active growth-stage player in the B2B data and revenue-marketing market, and its recent public activity points to expansion rather than retrenchment. In 2025 it announced the acquisitions of Bound and DemandJump, said it had returned to growth, added a new CFO, and in 2026 announced additional leadership hires tied to AI-driven precision performance marketing.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, employer, full_name, ip_address, job_information:job_title, phone_number, physical_address, physical_address:home, social_media_profile
Dark Web Verification
- Dataset containing ~132.7M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: pure-incubation-2024;DemandScience by Pure Incubation Data Breach
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of DemandScience
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam