Hackers Claim Magento Breach Via Third-party, Leak Crm Data Of 700k Users

A hacker utilizing nan othername “Satanic” claims Magento breach via third-party, leaks CRM information of much than 700,000 users, including emails, telephone numbers, and institution info from awesome firms.

A threat character known arsenic “Satanic” has claimed work for a caller information breach involving Magento, nan open-source e-commerce level utilized by thousands of businesses globally. According to nan hacker, nan alleged information breach occurred connected April 9, 2025, via a third-party integration, starring to nan theft of a ample dataset containing elaborate business and individual interaction information.

The breach, which remains unverified by Adobe (Magento’s genitor company), includes what nan hacker describes arsenic 745,000 unsocial entries, pinch 430,000 unsocial email addresses and 261,000 telephone numbers. The full dataset has been leaked connected Breach Forums, a notorious cybercrime and information breach platform.

Satanic’s station connected Breach Forums claiming Megento information breach (Screenshot credit: Hackread.com)

From BBC to Chicago Tribune

As analysed by Hackread.com, nan information appears to beryllium pulled from a CRM strategy linked to Magento deployments and includes names, occupation titles, firm emails, institution domains, telephone numbers, and societal media links, including organizations from BBC to Chicago Tribune and galore more.

A record titled “MagentoCRM”, shared arsenic portion of nan leak, contains system entries showing in-depth specifications for each record. In 1 example, a grounds tied to nan BBC lists a director’s afloat interaction data, on pinch links to nan organization’s societal profiles and metadata astir business verticals, exertion usage, and online storefronts.

The sample files besides show CRM-style information alternatively than earthy credentials aliases costs information, but nan quality of nan leak still poses a superior risk. The accusation could beryllium utilized successful phishing aliases B2B impersonation scams aliases for profiling high-value targets. Additionally, respective records look to incorporate verified LinkedIn accounts, firm email aliases, and customer work interaction details.

The database besides includes method metadata that could assistance attackers successful knowing each company’s tech stack, trading platforms, and moreover their costs processors. One introduction references Magento alongside Salesforce, Adobe Experience Manager, and Stripe, suggesting nan breached information whitethorn person been extracted from a tech intelligence level aliases CRM enrichment instrumentality integrated into Magento workflows.

While nan information itself appears existent and not AI-generated, this breach declare follows Satanic’s quality successful headlines past week, aft offering what they described arsenic nan entire database of Twilio’s SendGrid email platform. That breach was denied by Twilio, but nan hacker has maintained their declare successful cybercrime forums.

In September 2024, nan aforesaid character was down nan Tracelo breach, wherever information from 1.4 cardinal users of a geolocation search work was leaked online. In summation to these incidents, Satanic is known for sharing infostealer logs via Telegram channels, which are often utilized by cybercriminals to administer compromised credentials and integer fingerprints.

While Hackread.com has reached retired to Adobe, businesses utilizing Magento, peculiarly those pinch connected CRM tools, are urged to audit their integrations, show for suspicious activity, and reappraisal information entree policies crossed connected services.

This incident adds to a increasing database of third-party proviso concatenation risks affecting integer commerce platforms, wherever nan weakness lies not successful nan level itself but successful nan information pipes feeding into it