This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

IBM

Summary

In October 2024, threat actor "888" claimed via BreachForums to have stolen 17,500 rows of IBM employee data managed by a third party, primarily affecting India-based personnel (international prefix +91). The compromised data included first names (some full names), mobile numbers, and country codes of current and former IBM employees. IBM refused to comment when contacted, and the incident's veracity could not be independently confirmed. The breach highlighted third-party data security risks.

What Happened

Threat actor "888" claimed unauthorized access to third-party-managed IBM employee data, exfiltrating contact information primarily for India-based staff.

Impact on Individuals

17,500 current and former IBM employees, primarily in India, had names and mobile numbers exposed.

Organisational Response

IBM did not issue public statements and refused to comment on the alleged breach.

Verification Source: View original statement