The incident was reported in a blog post where the author describes using unique email addresses for each service to track potential leaks. After signing up for BrowserStack's Open Source programme and exchanging emails with support, the author received an unsolicited message from another entity that had acquired the address from Apollo.io. (https://shkspr.mobi/blog/2026/04/someone-at-browserstack-is-leaking-users-email-address/)

Apollo.io first attributed the email to a proprietary algorithm leveraging public data and corporate email patterns but subsequently acknowledged that it was sourced directly from BrowserStack on 2026-02-25 through their customer contributor network.

The author contacted BrowserStack regarding the matter but received no reply despite multiple attempts, according to the published account.