NetProspex Data Breach
NetProspex Dun & Bradstreet B2B Marketing Database Breach (2016): 33 Million Professional Contact Records Exposed
B2B marketing data service (now part of Dun & Bradstreet).
Risk Interpretation
High risk because the records are organized for outbound targeting. Exposure enables spearphishing, impersonation, and large-scale business-focused fraud.
Impact & Downstream Threats
In 2016 a corpus of approximately 33.7 million records sourced from D&B's NetProspex service leaked online. The exposed data included names, email addresses, employers, job titles, phone numbers, and physical addresses of professionals across corporate America. Dun & Bradstreet confirmed the leak but attributed the exposure to a customer who had purchased the data and subsequently lost control of it rather than to a breach of D&B's own systems. The distinction matters: the individuals in the dat
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
- Employment-based social engineering using job and employer data
Threat Vectors
Breach Intelligence
Executive Summary
NetProspex, a B2B marketing database service operated by Dun & Bradstreet, exposed 33.7 million professional records when the data leaked online in 2016. The company did not suffer a direct system breach. Instead, Dun & Bradstreet concluded that a customer who had purchased the dataset lost control of it, allowing the records to circulate publicly. The individuals in the database had no direct relationship with NetProspex; their contact information had been aggregated from various sources and packaged as a commercial marketing asset. The exposed records included names, email addresses, job titles, employer names, phone numbers, and physical addresses, all organized specifically for outbound business targeting. That structure is what makes the exposure particularly useful to bad actors. A dataset pre-sorted by employer, role, and contact details provides ready-made material for spearphishing campaigns, executive impersonation, and business-focused fraud at scale. No formal notifications were issued to affected individuals, which is consistent with how B2B data brokers operate: the people whose information is sold are third parties, not customers, and are generally outside the scope of standard breach notification obligations. For those whose records appeared in the dataset, the practical risk is ongoing. The data remains well-suited to targeted phishing and social engineering attacks, particularly those crafted to appear as legitimate business communications.
About NetProspex
NetProspex was a B2B marketing data service that compiled and sold contact information for professionals across corporate America, including names, job titles, employer names, phone numbers, email addresses, and physical addresses. The company was acquired by Dun & Bradstreet in 2015 and operated as part of D&B's data and analytics portfolio. It is not a consumer-facing brand — its records represent professionals whose contact information was aggregated for B2B marketing purposes.
Why They Hold Your Data
Marketing data brokers aggregate business contact records, job titles, company profiles, emails, and phone numbers into lead-intelligence products for B2B targeting.
Recent Developments
NetProspex has been absorbed into Dun & Bradstreet's broader data and analytics product suite and no longer operates as a distinct standalone brand. D&B has continued to expand its B2B data and intelligence services.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, employer, full_name, job_information:job_title, phone_number, physical_address
Dark Web Verification
- Dataset containing ~33.7M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: NetProspex Data Breach
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of NetProspex
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam