KnowBe4 was notified by SpyCloud of a security event on January 15, 2025 that resulted in an unauthorized release of a small portion of SpyCloud’s collected darknet data to a threat actor. Earlier that day, SpyCloud was made aware of potential redistributed data, and immediately investigated. Within hours, SpyCloud proactively alerted KnowBe4 to the exposure. SpyCloud and KnowBe4’s joint investigation determined that an unknown actor abused KnowBe4’s authorized access to SpyCloud’s recaptured data through a machine that had no corporate access.
It is important to note that this event resulted only in the re-release of data that was previously collected from the darknet and there was no breach of customer information managed by either KnowBe4 or SpyCloud. KnowBe4 and SpyCloud are providing this update as a part of each organization’s responsible disclosure program, compliant with our obligations as members of the cybersecurity industry.
While this event was isolated, SpyCloud and KnowBe4 understand the concern it may cause and are deeply committed to supporting those affected. KnowBe4 is notifying the parties impacted, and coordinating with law enforcement to fully investigate.
SpyCloud and KnowBe4 remain dedicated to safeguarding customers and the wider digital community. Existing customers may reach out to their respective support contact, but we will continue to share updates as more information becomes available.
