On February 25, 2025, a threat actor going by the alias Ray published a dataset containing personal and professional details of over 9,000 CrowdStrike employees on a popular dark web forum. The leak appears to be an act of retaliation following CrowdStrike’s involvement in the incident response to a prior breach targeting telecom operator Orange.
The leaked dataset includes:
- Full names
- Corporate email addresses
- Phone numbers
- City and country of residence
CrowdStrike, known for its approach to cybercrime investigations, was recently involved in assisting law enforcement in the arrest of a notable cyber actor. According to the post, the leak was carried out specifically “just to piss them off,” indicating a clear motive of defiance and retribution.
The exposure of employee data not only puts individual staff at risk of phishing and harassment but also highlights the increasing trend of targeting cybersecurity firms through personal data leaks in response to their cooperation with authorities.