An 88.8 million-record Bureau van Dijk-related leak indexed by leaksear.ch contains data sourced from a customer of Moody's Analytics' Orbis business intelligence product, with a listed breach date of August 19, 2021 (leaksear.ch metadata). Public breach listings describe the dataset as business data collected from public sources that was obtained around August 2021 and later posted to a popular hacking forum (haveibeenpwned.com, monitor.mozilla.org).
What happened
Moody's announced in 2017 that it had completed its acquisition of Bureau van Dijk, describing BvD as a global provider of business intelligence and company information that aggregates and distributes private-company data (ir.moodys.com). The public breach pages do not describe this as unauthorized access to Bureau van Dijk systems; they say the data came from a customer of BvD's Orbis product (haveibeenpwned.com, monitor.mozilla.org).
Have I Been Pwned and Mozilla Monitor also state that the released corpus contained hundreds of millions of lines about companies and people, including 28 million unique email addresses. They report that BvD systems were not accessed without authorization and that the incident did not expose BvD or Moody's clients; the leaksear.ch metadata does not identify a reporter or threat actor for this dataset (leaksear.ch metadata) (haveibeenpwned.com, monitor.mozilla.org).
What data was exposed
leaksear.ch metadata identifies names, dates of birth, email addresses, phone numbers, physical addresses, countries or nationalities, and job titles in the indexed records (leaksear.ch metadata). The platform search pivots are address, country, date of birth, email, name, and phone; additional record context includes job title, nationality, role, entity type, ID type, BvD ID, source ID, and internal source-file metadata (leaksear.ch metadata).
That field profile aligns with HIBP and Mozilla Monitor, which list names, dates of birth, emails, phones, job titles, and physical addresses, while Mozilla says passwords were not exposed in this breach (haveibeenpwned.com, monitor.mozilla.org).
Why this matters
The risk is less about password reuse and more about identity and contact enrichment. Names tied to DOBs, addresses, phones, email addresses, and job titles can help attackers craft believable phishing, impersonation, account-recovery, and business-contact scams. For organizations, the data may be useful to criminals mapping staff, executives, suppliers, or customers before targeted outreach. If you think you may be affected, check whether your email, phone, name, address, country, or date of birth appears in this Bureau van Dijk leak on leaksear.ch.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include address, country, date of birth, email, name, and phone.