Rumble

We've been tracking a concerning trend of smaller, "alt-tech" platforms experiencing security incidents, often with limited resources for robust security practices. Our team surfaced a recent breach impacting **Rumble**, the video-sharing platform, while monitoring underground forums known for data trading. What really struck us wasn't the overall volume of records, but the potential for targeted phishing campaigns against a user base often associated with specific political viewpoints. The breach highlights the vulnerability of platforms prioritizing rapid growth and ideological alignment over fundamental security measures.

Rumble Breach: 189k Usernames and Emails Exposed

The video-sharing platform **Rumble** suffered a data breach in **July 2025**, exposing the usernames and email addresses of **189,011** users. While the absence of password data mitigates some immediate risks, the leak opens the door to phishing and social engineering attacks targeting Rumble users. This incident underscores the ongoing challenge for smaller platforms to adequately protect user data amidst rapid growth and evolving threat landscapes.

The breach was discovered on **July 2, 2025**, when a database containing the compromised information appeared on a popular hacking forum. The data dump immediately caught attention due to the platform's prominent position in the "alt-tech" space and the potential for politically motivated targeting. The exposed data included:

Key point: Total records exposed: 189,011

Key point: Types of data included: Email Address, Username

Key point: Source structure: Database

Key point: Leak location: Hacking Forum

Key point: Date of first appearance: 02-Jul-2025

The Rumble breach matters to enterprises because it demonstrates how seemingly isolated incidents on smaller platforms can have broader security implications. Individuals often reuse credentials across multiple sites, and information gleaned from this breach could be used to target Rumble users in other contexts, including their professional lives. This ties into the broader threat theme of credential stuffing and the importance of monitoring for leaked data associated with employees' personal accounts.

External Context & Supporting Evidence

While mainstream media coverage of the Rumble breach has been limited, chatter on platforms like **Telegram** and **4chan** suggests the data is being actively circulated and analyzed. One Telegram post claimed the files were "a goldmine for doxing." This highlights the potential for the leaked data to be weaponized for targeted harassment and intimidation campaigns. Security researchers have also noted an uptick in phishing attempts targeting users of similar "alt-tech" platforms in recent months, suggesting a coordinated effort to exploit vulnerabilities in this ecosystem.

Email · Address · Username