Incident Overview

A threat actor using the handle "888" posted on BreachForums on January 10, 2026 claiming to be selling leaked data from Tymphany, a global leader in the design and manufacturing of audio systems, headphones, acoustic modules, and drivers with over 90 years of audio design, development, and manufacturing expertise and $1.6 billion in revenue. The threat actor claims to have been connecting to some of their services for approximately 2 days.

• Company Profile: Global leader in audio systems design and manufacturing with over 90 years of expertise
• Revenue: $1.6 billion
• Breach Duration: Threat actor claims approximately 2 days of access to services
• Source Codes: Proprietary software and development code
• Confidential Documents: Internal technical documentation and business materials
• RSA Private Keys: Cryptographic keys for secure communications
• SQL Files: Database files and schemas
• Access Keys: Authentication credentials for systems and services
• Configuration Files: System and application configuration data
• Hardcoded Credentials: Embedded authentication information in code
• SMTP Credentials: Email server authentication details
• Sample Files: Tree file structure showing "Open Architecture - User Journey" with Flow DSP documentation, Flow Studio User Guide, and export command examples
• Payment: One-time sale, XMR (Monero) only
• Contact: PM on-site or Session messenger