Ransomware victim disclosure
← All victimsBAZAARVOICE.COM
Claimed by Mogilevich · listed 2 years ago
Status timeline
- ListedFeb 26, 2024
- Data leakeddate unknown
At a glance
- Group
- Mogilevich
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Feb 26, 2024
- Data size
- 30 GB
About the victim
AI dossier — public-source company profileBazaarvoice is a SaaS platform that enables thousands of global brands and retailers to collect, syndicate, and optimize user-generated content (UGC) such as ratings, reviews, photos, and videos. The platform connects over 13,000 brands and retailers to customer voices, driving measurable revenue impact through authentic content distribution across retail channels.
- Industry
- E-commerce Software & User-Generated Content Platform
Attack summary
Severity: critical — Confirmed exfiltration of employee credentials (emails and passwords) at scale, combined with internal business intelligence data from a major SaaS platform serving thousands of enterprises. Employee credential compromise poses significant risk for lateral movement and further attacks on customer infrastructure.Mogilevich claims to have compromised Bazaarvoice servers and exfiltrated 30 GB of data including employee first names, last names, company names, business emails, and passwords. The group announced the data is for sale with a deadline of 3.2.24.
Data the group says was taken
AI dossier — extracted from the leak post- employee first names
- employee last names
- company names
- business email addresses
- password hashes or plaintext
What the group claims
We successfully pwned Bazaarvoice's servers. Category: Business Intelligence, Development & Design Software Data compromised:first name, last name, company name, business email and password Size: 30GB Data is also for sale! Deadline: 3.2.24 If you are an employee of the company or someone who would like to buy the data, click on me
Sources
- Victim sitebazaarvoice.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

