A massive data leak at Netcore Cloud, an AI-powered marketing automation firm based in Mumbai, has exposed over 40 billion records in a 13.41-terabyte database. The publicly accessible trove, discovered by cybersecurity researcher Jeremiah Fowler, contained email logs, partial banking information, healthcare communications, IP addresses, and documents marked “confidential.” The breach, which lacked any encryption or password protection, is one of the largest data exposures recorded this year, highlighting persistent vulnerabilities in enterprise data storage practices.
13TB Database Was Exposed Without Encryption or Passwords
According to multiple reports, Fowler found the Netcore Cloud data set exposed on the public internet—unencrypted and lacking any authentication safeguards. The 13.41TB archive held more than 40 billion records, including:
- Bank notifications referencing specific transactions and partial account numbers
- Healthcare-related messages and appointment confirmations
- Employment-related emails and verification communications
- Marketing mail logs containing message subjects, email addresses, and SMTP metadata
- Files labeled explicitly as “confidential”
- Server names, IP addresses, and reference materials involving production systems
The size and scope of the exposed information is staggering. While not all 40 billion records are presumed to be unique—as many are likely repetitive due to mailing lists and transactional confirmations—the leak still poses significant reputational and privacy risks for individuals and corporations alike. Notably, the database included more than three billion entries flagged as “deleted,” though they remained accessible in the index Fowler observed.
Netcore Cloud operates in over 40 countries and claims more than 6,500 global business clients. Their platform delivers omnichannel customer engagement services across web, email, SMS, WhatsApp, mobile apps, and more—making them a central data processor for some of the world’s most active brands in e-commerce, finance, travel, and entertainment sectors.
Potential Impact Remains Unclear as Timeline and Ownership Are Investigated
Although Netcore promptly secured the database after receiving Fowler’s responsible disclosure notice, several unanswered questions linger. The full duration of exposure is unknown, and it remains to be confirmed whether any malicious actors accessed the open database before its restriction.
While the leaked data is strongly linked to Netcore Cloud Pvt. Ltd. based on file structures and IP resolution, Fowler emphasizes that it is uncertain whether the infrastructure was operated directly by Netcore or by a third-party contractor acting on their behalf. As of now, only an internal forensic audit could determine whether suspicious access occurred and identify how long the sensitive information remained publicly readable.
Netcore, to its credit, responded quickly to the submission and requested additional details from Fowler, including the timeline and structure of the discovered leak. The company has not yet confirmed the origin or ownership of the exposed system.
Even Basic Contact Details Can Fuel Phishing and Social Engineering Campaigns
The breach underscores how seemingly innocuous data—like email addresses, message titles, or IP addresses—can become exploitable assets for cybercriminals when amassed at scale. As cybersecurity teams know, such metadata can be weaponized for:
- Phishing campaigns imitating known brands
- Social engineering efforts targeting specific job roles or user personas
- Credential stuffing attacks using transactional emails to identify password reset triggers
- Fraud based on partial account identifiers or healthcare interactions
Fowler’s findings included mail logs rich with to/from details, SMTP headers, and internal access logs, offering valuable reconnaissance for anyone building a fraud schema around digital or financial activity. Given the volume and nature of records, the exposure heightens risks for identity theft and targeted compromise of users across Netcore’s client base—even if their individual data was not uniquely leaked.
A 2025 Breach Amid an Escalating Trend in Data Leaks
This incident adds to an increasingly troubling pattern of large-scale cybersecurity lapses in 2025. Major platforms such as Discord, Plex, and Elon Musk’s X (formerly Twitter) have also suffered substantial data exposures this year, shaking confidence in companies’ internal control mechanisms.
The Netcore Cloud breach is one of the largest in raw record count and data volume. Despite not being the result of a sophisticated intrusion, the ease of access reflects a critical failing in foundational data hygiene—specifically, the lack of encryption-at-rest, absence of authentication gating, and lax infrastructure hardening.
Such breakdowns in basic cloud security posture continue to allow massive leaks with minimal technical effort. As organizations scale their marketing or data analytics pipelines, ensuring consistent enforcement of encryption, access controls, and configuration management across environments and vendors becomes crucial.
Action Steps for Enterprises and End Users
While the ultimate extent of harm from the Netcore Cloud leak depends on unknowns like exposure duration and potential unauthorized access, both companies and individual users can take precautionary measures to limit future risk:
- For enterprise security teams:
* Enforce encryption of all production and backup data stores * Implement automated audits to detect publicly accessible buckets or databases * Follow least privilege principles to limit access and exposure * Mandate vendor security assessments for any third parties handling sensitive data
- For consumers and end users:
* Monitor email and banking accounts for unusual or unsolicited activity * Avoid clicking on suspicious links, especially those from emails claiming to represent major firms * Use strong, unique passwords for each account and enable multi-factor authentication (MFA) wherever possible * Check credit reports and financial statements more frequently in the aftermath of major breaches
Broader Implications for Marketing Tech Platforms
As an AI-powered marketing platform delivering billions of messages across critical industries, Netcore Cloud’s operations illustrate the convergence of personalization and volume at scale. But this case clearly reinforces a core principle in data stewardship: when such platforms act as custodians of confidential data by proxy for their clients, the need for exhaustive security controls becomes not just best practice—but a business imperative.
Protecting consumer data—including email content metadata, transaction context, and confidential health or financial notifications—demands persistent vigilance. Whether the result of human oversight, misconfigured cloud storage, or system integration gaps, failures like this point to a systemic issue that the industry must address in order to regain trust and avoid regulatory penalties or brand erosion.
