Skip to content
Tips? Soon
Support
Sign In Subscribe
Leaks

European Real Estate CRM Whise Allegedly Breached, Over 40 Million Records Leaked

 and  Dark Web Informer
10 min read
Breach Report European Union flagEuropean Union Real Estate

European Real Estate CRM Whise Allegedly Breached, Over 40 Million Records Leaked

A threat actor using the alias ChimeraZ has posted what they describe as the database of Whise.eu, a European real-estate CRM used by agencies and agents to manage leads, properties, and transactions. The leak is a ~15.8 GB JSON dataset of about 40.85 million lines, dominated by roughly 37.7 million email-sending logs alongside several million contact records (a 2.8M-contact file plus smaller contact files). Per the samples, the email logs include recipient names, email addresses, IP addresses, and timestamps, while the contact records include names, email addresses, phone and mobile numbers, marketing-consent flags, and property search criteria. The .be mailing domain and EU focus indicate the data spans individuals across multiple European countries. The dataset's authenticity and scope are unverified.

Data40.8M lines
AccessPoints-gated
CountryEuropean Union flagEU
ActorChimeraZ

Post details

TargetWhise.eu, real estate CRM
CountryEuropean Union flagEuropean Union
SectorReal Estate / SaaS (CRM)
ClaimDatabase leaked (15.8 GB JSON)
Data40.85M lines (email logs + contacts)
Files4 JSON (emails + contacts)
ObservedJun 22, 2026
ActorChimeraZ

!Allegedly included

  • ~40.85M lines (~15.8 GB)
  • ~37.7M email-send logs
  • ~3M+ contact records
  • Names & email addresses
  • Phone & mobile numbers
  • IP addresses & timestamps
  • Property search criteria
  • Marketing-consent flags

Screenshot

Whise EU alleged leak Screenshot 1 Screenshot 1 Redacted preview

Potential impact

This is a high-severity breach primarily because of its scale: tens of millions of email-activity logs and several million contact records belonging to real-estate leads and clients across Europe. The data reportedly pairs names with email addresses, phone and mobile numbers, IP addresses, and property search criteria such as budget and location preferences. Even without passwords or financial-account data, this combination supports large-scale phishing, real-estate and rental scams tailored to people actively searching for property, spam, and profiling. Because IP addresses and contact details are personal data under EU rules, this would be a significant GDPR-relevant exposure. No contact records, names, emails, phone numbers, IP addresses, or download links are reproduced here. The scope and authenticity are unconfirmed.

iStatus

Unverified

Sample JSON records and a download were posted to a forum behind a points paywall; the sample records and download links are not reproduced here. The actor describes the data as a leaked database of the CRM. The claim has not been independently confirmed and Whise has not publicly addressed it.

Want the non-redacted screenshots? Paid subscribers get all of the claim details and unredacted screenshots. Check out the threat feed or ransomware feed (whichever applies to this post), then after subscribing, search there for this alert to view the unredacted version. View pricing →

DARK WEB INFORMER - THREAT INTELLIGENCE

Related

Latest