我们已索引Delve审计泄露事件：533份报告，455家公司，99.8%内容相同。
We indexed the Delve audit leak: 533 reports, 455 companies, 99.8% identical

原始链接: https://trustcompliance.xyz

TrustCompliance.xyz 是一个网站，分析了来自 455 家公司的 533 份 SOC 2 和 ISO 27001 审计报告的大规模泄露事件。分析显示普遍存在欺诈行为，报告中 99.8% 的文本完全相同，表明许多公司通过 Delve 供应商虚假声称符合合规性。该网站提供免费工具，用于检查您的供应商是否在泄露的数据库中，提供报告详细信息和“信任评分”。它重点介绍了经常被检查的公司，例如 Coretsu Inc. 和 Workforce AI。此次泄露事件对受影响企业的安全态势提出了严重质疑，并影响了客户信任、投资者信心和合作伙伴关系。安全专业人士已经开始利用该网站快速评估供应商风险。可以通过电子邮件订阅获取受损公司完整列表。该网站强调在面临潜在后果之前主动进行调查。

大量泄露的Delve SOC2审计报告（533份报告，涉及455家公司）揭示了审计质量普遍存在问题，并可能涉及欺诈。trustcompliance.xyz的分析发现，不同客户的报告几乎完全相同，使用了相同的审计师执照号码，甚至页码。报告始终声明“未发现例外情况”，尽管业务和系统描述各不相同，并且经常从公司网站复制粘贴。该网站提供工具来搜索泄露的数据并识别潜在的欺诈报告，包括一个“滑动游戏”来测试用户区分真实和虚假审计摘录的能力。此次泄露对SOC2合规性的价值和合法性提出了严重质疑，评论员认为它往往只是“安全作秀”，并质疑公司是否真正重视彻底的审计，还是仅仅“完成一项任务”。一些人认为问题的严重性值得法律追究。这一发现凸显了一种令人担忧的趋势，即由营销而非真正的安全评估驱动的自动化、表面化的审计。

原文

This site presents factual analysis of publicly leaked audit data. Results are informational only.

LIVE DATABASE

The Biggest Compliance Fraud

in SOC 2 History

Your vendor's audit might be worthless. 533 reports. 455 companies. One copy-pasted template.

Check if your vendor's security audit was faked

/

455 companies in database · Press / to search

Leaked Reports

Companies Exposed

Identical Text

Recently checked

Indent·Meridian AI·Dentin·Conway·Filed·Stax Payments·Teamworks·Zipline·TrueVault·Greenlight·Workato·Cobalt·Kandji·Replit·Harness·Temporal·Ramp·Census·Persona·Hightouch

Share the news

marked safe from fake SOC 2 audits today

(455 companies weren't this lucky)

Post on X LinkedIn

Trending Now

Most Checked Companies

What People Are Saying

Trusted by Security Teams

“

“Just checked all 12 of our vendors. 3 of them used Delve. This tool saved us weeks of manual review.”

CTO at a SaaS startup

“

“The game is weirdly addictive. Got my whole security team playing it.”

Security Engineer

“

“Shared this with our compliance team. They ran every vendor through the scanner within an hour.”

VP Engineering

“

“Finally, someone made SOC 2 verification accessible to non-security people.”

Founder

84ISO 27001

251SOC 2 Type 1

198SOC 2 Type 2

What Happened

The Anatomy of a Compliance Scam

The Scheme

Delve sold SOC 2 and ISO 27001 certifications as a service. Companies paid, received reports, and displayed compliance badges -- without any real audit taking place.

The Leak

533 audit reports from 455 companies were leaked publicly. Forensic analysis revealed 99.8% identical boilerplate text across every single report.

The Fallout

Every company in the database now faces existential questions about their security posture. Customers, investors, and partners deserve to know the truth.

Last updated: March 21, 2026|14 new reports indexed this week

Tools

Verify. Scan. Assess.

Free tools to check your vendor's compliance integrity.

Is your vendor in the leaked database?

Enter any company name and instantly find out if they appear in the 533 leaked audit reports. See their report type, audit dates, and infrastructure details.

Search the Database

Discussed on

YHacker News

𝕏X / Twitter

r/Reddit

SSubstack

inLinkedIn

Gated Intelligence

Get the full company exposure list

455 companies with compromised audits. Get the complete list with report types, dates, and risk indicators — delivered to your inbox.

No spam. Unsubscribe anytime. Your email is never shared.

Don't wait until your customers ask.

If your vendor is in this database, you need to know now -- before it becomes a board-level conversation.

Check Your Vendor Now

我们已索引Delve审计泄露事件：533份报告，455家公司，99.8%内容相同。 We indexed the Delve audit leak: 533 reports, 455 companies, 99.8% identical

The Biggest Compliance Fraudin SOC 2 History

Check if your vendor's security audit was faked

Most Checked Companies

Coretsu Inc.

Workforce AI

Vulcan Technologies

Lucidic AI

Cyberdesk

The Human Chemical Co.