A hacker, known by the alias Satanic, has recently claimed to have successfully breached Twilio’s SendGrid, a cloud-based email delivery platform. The hacker, who was previously linked to the Tracelo breach, is now offering the allegedly stolen data on 848,000 customers for sale at a price of $2,000. This claim was made in a post on Breach Forums, a popular cybercrime platform, on Thursday, April 3, 2025.
According to Satanic, the database contains detailed information on 848,960 customers and companies. The sample data provided by the hacker includes customer emails, phone numbers, physical addresses, social media profiles, and LinkedIn IDs. Additionally, company-level data such as domain names, revenue, employee counts, and SEO performance was also included in the breach. Some of the well-known companies listed in the sample data are Bank of America, Bazaarvoice, and the BBC.
The data appears to be highly structured and detailed, with dozens of metadata fields providing insights beyond just contact information. It includes web analytics metrics, internal email addresses, phone numbers, geolocation data, insights into backend technologies, and accessibility compliance information. If authentic, this breach goes far beyond a traditional leak and raises serious concerns about data security.
Satanic, the hacker behind this breach, has a history of involvement in major data breaches. In September 2024, Satanic was responsible for leaking personal data on 1.4 million users of a smartphone geolocation tracking service in the Tracelo incident. The hacker is also known for distributing infostealer logs within underground communities via Telegram.
This incident is not the first time Twilio, the parent company of SendGrid, has been associated with data exposures. In July 2024, the hacker group ShinyHunters leaked a dataset containing 33 million phone numbers belonging to users of Twilio Authy, a two-factor authentication app. Another breach in September 2024 exposed 12,000 call records through a third-party tool used by a Twilio customer, raising concerns about data security within the company.
Casey Ellis, Founder at Bugcrowd, expressed concerns about the alleged breach, noting that the comprehensiveness of the dataset is cause for major concern. While Twilio has stated that they have found no evidence of a breach, Satanic continues to claim the legitimacy of the data and the occurrence of a breach at SendGrid.
Despite the claims made by Satanic, there have been recent updates indicating that the hacker has deleted the post on Breach Forums and is now attempting to sell “SendGrid SMTP & API” access without providing further details on the alleged breach. The situation remains unclear, with no responses from Satanic on Telegram or Signal.
In conclusion, the alleged breach of Twilio’s SendGrid by Satanic has raised serious concerns about data security and the protection of customer information. The incident underscores the ongoing challenges faced by companies in safeguarding sensitive data from cyber threats and highlights the need for enhanced cybersecurity measures to prevent future breaches.