All Vendors
data_enrichment

Leadspace

Leadspace is a data enrichment vendor operating a B2B Customer Data Platform that aggregates data from 30+ third-party sources to build a graph spanning 280 million business professionals and 70 million companies.

15 IOCs
0
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Leadspace discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Analysis pending. Findings will appear here once intelligence collection is complete.

Disclosure Gaps

Claims vs. Observed Behavior

4 gaps

compliance

MEDIUM
They Claim

ISO 27001 certified and SOC 2 Type II audited

Observed Behavior

Security certifications cover Leadspace infrastructure and processes, but do not validate the data practices of the 30+ upstream vendors whose data feeds the graph. Security of the platform does not equal compliance of the data.

compliance

MEDIUM
They Claim

GDPR compliant with opt-out mechanisms

Observed Behavior

Opt-out options exist for individuals, but the 30+ source supply chain makes it difficult to verify that opt-outs propagate to all upstream providers or that previously-collected data is fully purged from the graph.

transparency

HIGH
They Claim

Decision-quality data from 30+ best sources

Observed Behavior

The specific identity of all 30+ data vendors is not publicly disclosed. Customers cannot independently audit the quality, consent status, or collection methods of each upstream source.

pending

UNKNOWN
They Claim

Open, flexible platform that can onboard any new data source

Observed Behavior

Openness increases data flow surface area. Each new source added to the graph expands the consent and compliance burden without corresponding visibility for end customers. Awaiting scanner verification of runtime behavior.

Customer Impact

What This Means For You

Organizations deploying Leadspace face several significant impacts. First, data supply chain opacity — while Leadspace aggregates from 30+ sources, customers cannot audit individual upstream providers. This means compliance reviews must trust Leadspace's vendor management rather than verifying source-level consent, creating regulatory exposure that scales with the number of jurisdictions you operate in. Second, platform dependency — once Leadspace becomes the unification layer for your customer data, extracting or replacing it becomes a major infrastructure project. The graph combines your first-party data with third-party enrichment in ways that may be difficult to disaggregate. Third, competitive intelligence exposure — as a CDP processing data for multiple customers, Leadspace has aggregate visibility into market targeting patterns, account hierarchies, and pipeline data across its customer base. While data isolation controls presumably exist, the platform's central position creates information concentration risk.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

Recommended Actions for Leadspace

  • - Request a complete list of Leadspace's 30+ data vendor partners and their respective data collection methodologies before deployment. - Audit Leadspace's data processing agreement to understand how your first-party CRM data is used within the graph and whether it informs enrichment for other customers. - Implement consent flag unification within Leadspace to ensure GDPR/CCPA opt-out status is respected across all enriched profiles before activation in outbound campaigns. - Evaluate data portability — confirm that your first-party data can be fully extracted from the graph upon contract termination, separate from third-party enrichment. - Review Leadspace's sub-processor list and ensure each upstream vendor meets your organization's data governance requirements.

Negotiation Leverage

  • When negotiating with Leadspace, focus on supply chain transparency and data isolation guarantees. As a 30+ vendor aggregator, Leadspace should be able to provide a complete sub-processor list with the specific data types each vendor contributes. Demand contractual commitments around data isolation — specifically that your CRM data, enrichment queries, and targeting patterns are not used to improve the graph for other customers or shared with upstream vendors.
  • Key questions to ask: Which of your 30+ data vendors have access to our first-party data as part of the enrichment process? How do you handle conflicting data from multiple sources — which source wins, and how is that decision made? What happens to our unified graph data upon contract termination — is it fully deleted or retained for platform improvement? Can we opt out of specific upstream data sources if they fail our internal compliance review? Ensure contracts include audit rights over the data supply chain, data deletion guarantees, and restrictions on using your first-party data to enrich profiles for other customers.
IOC Manifest

IOC Manifest

15 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

TRACK
*radar.leadspace.com/m2vR10uCZP/tag.js*
Tracking script
TRACK
*go.leadspace.com/analytics*
Tracking script
TRACK
radar.leadspace.com/m2vR10uCZP/tag.js
Auto-extracted from scan
TRACK
radar.leadspace.com/page-tracking/leadspace_6815/https%3A%2F%2Fwww.leadspace.com%2F
Auto-extracted from scan
TRACK
go.leadspace.com/analytics
Auto-extracted from scan
Ecosystem

Ecosystem & Supply Chain

Leadspace occupies a uniquely central position in the B2B data ecosystem. As a CDP that aggregates from 30+ data vendors — including named partners like ZoomInfo and SalesIntel — Leadspace functions as a data supply chain hub. Customer CRM data flows in, gets combined with third-party sources, and enriched profiles flow back into Salesforce, marketing automation platforms, and other connected systems. The ecosystem risk is multiplicative. Each of the 30+ upstream data vendors has its own data sourcing practices, sub-processors, and compliance postures. Leadspace's open architecture, which allows custom data source onboarding via API and SFTP, means the supply chain can grow without centralized visibility. Organizations using Leadspace alongside other enrichment tools may create circular data flows where the same contact information passes through multiple aggregation layers, each adding and recombining data from overlapping sources. The graph's coverage of 70 million companies and 280 million professionals means Leadspace's data decisions affect a significant portion of the global B2B ecosystem.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

15 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details