Vinny Troia

Early Life and Music Career

Before entering the cybersecurity field, Vinny Troia built a career in the electronic dance music industry. From 2002 to 2010, he founded and operated Curvve Recordings, an independent EDM record label. The label debuted with remixes of Ultra Nate's "Free," a previously chart-topping Billboard dance single; Troia's remix, alongside Oscar G and Trendroid, reached #23 on the Billboard club chart. In 2003, Curvve released remixes of Jody Watley's "Looking for a New Love," which climbed to #13 on the US Billboard dance charts. Troia also recorded as an artist himself, releasing "Flow" with vocalist Jaidene Veda in 2006, which peaked at #24 on the Billboard Dance Songs chart, and "Do For Love" featuring Jaidene Veda with a remix by Dave Aude, which reached #40 in 2010. In 2007, Curvve released "One Day My Love" by N'Dea Davenport, which rose to #10 on the US dance chart. Troia also collaborated with artists including David Guetta, Gareth Emery, Dave Aude, and Christopher Lawrence during this period.

Career

Troia transitioned into cybersecurity and established himself as a researcher and entrepreneur. He serves as owner and CEO of Shadow Nexus and Night Lion Security, US-based cybersecurity firms. He also founded Shadowbyte, a threat intelligence firm that was sold in 2022.

In 2018, Troia discovered a data leak of nearly 340 million detailed personal records exposed on a publicly accessible server belonging to Exactis. The following year, in 2019, he uncovered a data breach at People Data Labs in which records containing email addresses, employers, locations, job titles, names, phone numbers, and social media profiles of approximately 1.2 billion people were exposed.

In July 2020, Data Viper, a threat intelligence platform operated by Troia that claimed to host over 8,200 datasets linked to various data breaches, was reportedly compromised. Troia described the platform as a deliberate honeypot designed to track and identify individuals connected to investigations referenced in his published works. That same year, in August 2020, Troia published a white paper examining the underground cybercrime economy centered on the theft and resale of video game credentials, with a focus on Fortnite cosmetics, documenting how some participants earned close to one million dollars per year through such schemes.

Notable Investigations

Troia conducted extensive investigative research into the cybercriminal hacking groups The Dark Overlord, ShinyHunters, and GnosticPlayers. His work presented evidence and analysis suggesting that the primary figures behind The Dark Overlord were two teenagers based in Calgary, Canada, and attempted to link The Dark Overlord's membership to other database-focused hacking groups including ShinyHunters and GnosticPlayers.

Troia was referenced as an intermediary, identified as "Individual-1," in a US arrest warrant for Alexander "Connor" Moucka in connection with the discovery of the Snowflake and AT&T data breaches. Media accounts also described Troia's involvement under the alias "Reddington" in discussions surrounding ransom demands linked to those breaches, including a payment by AT&T.

In November 2021, the hacker known as Pompompurin — administrator of the dark web data-sharing forum BreachForums — publicly targeted Troia by compromising FBI email servers and sending hundreds of thousands of emails falsely accusing Troia of involvement with The Dark Overlord hacking group. Troia additionally claimed that Pompompurin had previously conducted a DDoS attack against one of his websites and hacked the National Center for Missing & Exploited Children's blog to publish a fabricated post about him.

Publications

Troia is the author of two books published by Wiley Books. In 2021, he published Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques, which details investigative tools and techniques for tracking cybercriminals using OSINT methods and provides an in-depth account of his investigation into The Dark Overlord.

In 2025, Troia authored Grey Area: A Dark Web OSINT Field Guide, which examines the use of hacked, breached, and leaked data within the intelligence community, with an emphasis on national security applications. The book incorporates commentary from individuals with backgrounds in US intelligence agencies including the CIA, ODNI, DoD, and DIA, and includes an account of the 2024 Snowflake data breach investigations.