Ad tech firm Optimizely confirms data breach after vishing attack

Bleeping Computer
by Sergiu Gatlan
February 23, 2026
AI-Generated Deep Dive Summary
New York-based ad tech firm Optimizely has confirmed a data breach after falling victim to a sophisticated voice phishing (vishing) attack. The incident occurred when threat actors gained access to some of the company's systems on February 11, claiming they had infiltrated its networks. While the attackers managed to steal "basic business contact information," there is no evidence that sensitive customer data or personal information was compromised. The breach notification letters sent to affected customers revealed that the incident was confined to certain internal business systems, including CRM records and back-office documents, and did not disrupt Optimizely's operations.
The attack exploited a vishing tactic, where threat actors impersonate legitimate entities over the phone to trick employees into revealing credentials or MFA codes. In this case, the attackers targeted single sign-on (SSO) accounts at high-profile organizations, including Microsoft, Okta, and Google, using a device code phishing technique that abuses the OAuth 2.0 device authorization flow. This method allowed them to hijack SSO accounts and gain access to connected enterprise services like Salesforce, Microsoft 365, and Google Workspace.
The breach highlights the growing sophistication of cyberattacks, particularly those targeting IT infrastructure through social engineering. While Optimizely has not disclosed the number of affected customers or identified the specific threat group behind the attack, it appears consistent with the ShinyHunters extortion operation, which has targeted numerous high-profile companies in recent weeks. This incident underscores the importance of vigilance against phishing attempts that may use stolen data to launch follow-up attacks via calls, texts, or emails.
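
The device code phishing mentioned above leaves a recognizable trace on the defender's side: the token request carries the device-code grant type defined in RFC 8628. The following is an added example, not part of the original article, that flags such grants for review; the event schema, client names, and the /24 network comparison are assumptions, and the sample events are constructed.

```python
import ipaddress

# Grant type defined by RFC 8628 for the OAuth 2.0 device authorization flow.
DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"

# Constructed sample events; the field names are a hypothetical normalized
# schema, not any identity provider's real log format.
SAMPLE_EVENTS = [
    {"user": "alice", "client_id": "tv-app", "grant_type": DEVICE_GRANT,
     "approval_ip": "198.51.100.10", "polling_ip": "198.51.100.23"},
    {"user": "bob", "client_id": "crm-cli", "grant_type": DEVICE_GRANT,
     "approval_ip": "198.51.100.40", "polling_ip": "203.0.113.77"},
    {"user": "carol", "client_id": "mail-web", "grant_type": "authorization_code",
     "approval_ip": "198.51.100.50", "polling_ip": "198.51.100.50"},
    {"user": "dave", "client_id": "unknown-tool", "grant_type": DEVICE_GRANT,
     "approval_ip": "198.51.100.60", "polling_ip": "198.51.100.61"},
]

def same_network(ip_a, ip_b, prefix=24):
    """True when both IPv4 addresses fall in the same /prefix network."""
    net = ipaddress.ip_network(f"{ip_a}/{prefix}", strict=False)
    return ipaddress.ip_address(ip_b) in net

def flag_device_code_grants(events, approved_clients):
    """Return (user, reasons) for device-code grants that deserve review."""
    findings = []
    for ev in events:
        if ev["grant_type"] != DEVICE_GRANT:
            continue  # other grant types are out of scope for this check
        reasons = []
        if ev["client_id"] not in approved_clients:
            reasons.append("client not approved for device flow")
        # Heuristic (assumption): in a phished grant the user approves from
        # one network while the polling device sits on an unrelated one.
        if not same_network(ev["approval_ip"], ev["polling_ip"]):
            reasons.append("approval and polling networks differ")
        if reasons:
            findings.append((ev["user"], reasons))
    return findings

if __name__ == "__main__":
    approved = {"tv-app", "crm-cli"}  # hypothetical allowlist
    for user, reasons in flag_device_code_grants(SAMPLE_EVENTS, approved):
        print(user, "->", "; ".join(reasons))
```

The network comparison is a review signal rather than a verdict, since a legitimate user can approve a device from a phone on a different network.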
For readers interested in cybersecurity, this breach serves as a reminder of the evolving threat landscape and the need for robust security measures, including multi-factor authentication, employee training, and proactive monitoring. Companies must also ensure they protect sensitive SSO accounts and implement safeguards against phishing and vishing attacks to mitigate risks. The incident highlights the
Originally published on Bleeping Computer on 2/23/2026